Developing a penetration test methodology in ensuring router security and testing it in a virtual laboratory

Abstract

In today's world of informatics, penetration tests becoming one of the most important factors in ensuring corporate information security. Penetration test methodologies provided to this day for ensuring information security have mostly concentrated on network components such as servers and firewalls. The fact that there has not been sufficient focus on router security in the penetration tests that have been conducted leads to major problems in ensuring corporate information security. This study presents a router penetration test methodology consisting of three steps to ensure full range router security. The effectiveness of the methodology presented was analyzed in a virtual penetration test laboratory, for which the design is provided in this study. Following the test trials, it was observed that the presented test methodology enables the common security vulnerabilities occurring on routers to be controlled in order.