Penetration testing &
Agenda
• Penetration Testing
• Vulnerability Scanning
• Social engineering
• Security Services offered by Endava
Who I am
• Catanoi Maxim – Information Security Consultant at Endava
• Certifications:
  • EC-Council, Certified Ethical Hacker
  • EC-Council, Certified Security Analyst
  • EC-Council, Licensed Penetration Tester
  • SANS/GIAC Penetration Tester
  • PCI-DSS, PCI Professional (Payment Card Industry)
IN YOUR ZONE
What is Penetration Testing?
• A penetration test is a method of evaluating the security of a computer system or network by simulating an attack from a malicious source
Why Penetration Testing?
• Find Holes Now Before Somebody Else Does
• To make a point to decision makers about the need for action or resources
• Real-world proof of need for action
• Report Problems to Management
• Evaluate efficiency of security protection
• Security Training For Network Staff
• Discover Gaps In Compliance
• Testing New Technology
Penetration Testing types
• Network services test
• Client-side security test
• Application security test
• Passwords attack
• Wireless & Remote Access security test
• Social engineering test
• Physical security test
Penetration Testing area
Policies, procedures, and awareness: security policies, procedures, and education
Physical security: guards, locks, tracking devices
Application: application hardening
Host: OS hardening, authentication, security update management, antivirus updates, auditing
Internal network: network segments, NIDS
Perimeter: firewalls, border routers, VPNs with quarantine procedures
Strong passwords, ACLs, backup and restore strategy
Penetration Testing profile
• Black Box
• White Box
• Grey Box
• External
• Internal
• Destructive
• Non-destructive
• Announced
• Unannounced
Penetration Testing methodology
• Proprietary methodologies:
  • IBM
  • ISS
  • Foundstone
  • EC-Council LPT
• Open source and public methodologies:
  • OSSTMM
  • CISSP
  • CISA
  • CHECK
Penetration Testing flow
• Scope/Goal Definition
• Information Gathering
• Vulnerability Detection/Scanning
• Information Analysis and Planning
• Attack & Penetration/Privilege Escalation
• Result Analysis & Reporting
• Clean-up
REPEAT
LPT Penetration Testing roadmap (cont)
Who should perform a Penetration Test?
• This is a highly manual process
• Art of finding an open door
• A qualified expert from outside holding recognized certifications like CEH, ECSA, CISSP, CISA, CHECK
• Networking – TCP/IP concepts, cabling techniques
• Routers, firewalls, IDS
• Ethical Hacking techniques – exploits, hacking tools, etc…
• Databases – Oracle, MSSQL, MySQL
• Operating Systems – Windows, Linux, Mainframe, Mac
• Wireless protocols – Wi-Fi, Bluetooth
• Web servers, mail servers, access devices
• Programming languages
What makes a good Penetration Test
• Establishing the parameters for the penetration test, such as objectives and limitations
• Hiring skilled and experienced professionals to perform the test
• Choosing a suitable set of tests that balances cost and benefits
• Following a methodology with proper planning and documentation
• Documenting the results carefully and making them comprehensible for the client
• Stating the potential risks and findings clearly in the final report
Vulnerability Scanning – standalone service
• An established process for identifying vulnerabilities on internal and external systems
• Reduce the likelihood of a vulnerability being exploited and potential compromise of a system component
• Internal vulnerability scans should be performed at least quarterly
How often?
• On a regular basis, at least annually
• Internal penetration test
• External penetration test
• Vulnerability scanning at least quarterly
• New network infrastructure or applications are added
• Significant upgrades or modifications are applied to infrastructure or applications
• New office locations are established
• Security patches are applied
• End user policies are modified
Social Engineering
The art of manipulating people so they give up confidential information.
E-mail Spoofing
Bank Domain          SPF record
comertbank.md        v=spf1 mx -all
socbank.md           v=spf1 ip4:83.218.209.32 a mx
victoriabank.md      v=spf1 ip4:195.22.231.16/28
maib.md              v=spf1 mx -all
moldindconbank.com   ?
bem.md               v=spf1 mx ~all
ecb.md               ?
unibank.md           v=spf1 a mx ip4:217.26.160.15/32 ~all
fincombank.com       ?
energbank.com        v=spf1 mx ip4:217.12.112.18 ~all
procreditbank.md     v=spf1 mx mx:mail.procredit.md -all
bcr.md               v=spf1 mx ip4:91.220.94.0/24 -all
eximbank.com         v=spf1 ip4:212.56.207.34 ~all
mobiasbanca.md       v=spf1 ip4:194.247.52.237 a mx -all
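
The SPF records listed above fall into a few shapes: ending in -all, ending in ~all, carrying no all term, or missing entirely (shown as ?). As an added example that is not part of the original slides, this Python sketch classifies a record by that terminal policy so a domain owner can audit their own DNS; the domains, addresses and result labels are constructed for illustration.

```python
# What each outcome tells a receiving mail server (labels are this example's own).
FINDINGS = {
    "hardfail": "-all: unlisted senders fail SPF",
    "softfail": "~all: unlisted senders are only marked suspicious",
    "neutral": "?all: record makes no assertion about unlisted senders",
    "pass-all": "+all: every sender passes, record gives no protection",
    "no-all": "no 'all' term: default result is neutral (RFC 7208)",
    "redirect": "policy is delegated via redirect=, audit the target record",
    "no-spf": "no SPF record: receivers have no sender policy to check",
}
ALL_RESULT = {"-": "hardfail", "~": "softfail", "?": "neutral", "+": "pass-all"}

def parse_spf(record):
    """Return [(qualifier, term)] for an SPF TXT value, or None if it is not SPF."""
    terms = (record or "").split()
    if not terms or terms[0].lower() != "v=spf1":
        return None
    parsed = []
    for term in terms[1:]:
        if "=" in term.split(":")[0]:        # modifier, e.g. redirect= or exp=
            parsed.append(("modifier", term.lower()))
        else:                                # mechanism; default qualifier is "+"
            q = term[0] if term[0] in ALL_RESULT else "+"
            parsed.append((q, term.lstrip("+-~?").lower()))
    return parsed

def assess(record):
    """Classify one record by its terminal policy."""
    parsed = parse_spf(record)
    if parsed is None:
        return "no-spf"
    for qualifier, term in parsed:
        if qualifier != "modifier" and term == "all":
            return ALL_RESULT[qualifier]
    if any(q == "modifier" and t.startswith("redirect=") for q, t in parsed):
        return "redirect"
    return "no-all"

# Constructed sample records (documentation domains and address ranges).
SAMPLES = {
    "bank-a.example": "v=spf1 mx -all",
    "bank-b.example": "v=spf1 ip4:192.0.2.10 a mx",
    "bank-c.example": "v=spf1 mx ip4:198.51.100.0/24 ~all",
    "bank-d.example": None,  # no SPF TXT record published
}

if __name__ == "__main__":
    for domain, record in SAMPLES.items():
        print(f"{domain:16} {FINDINGS[assess(record)]}")
```

Anything other than `hardfail` leaves the decision about unlisted senders to the receiver, so pairing SPF with DKIM and a DMARC policy is the usual next step.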
SMS Spoofing
• SMS spoofing is a relatively new technology which uses the short message service (SMS), available on most mobile phones and personal digital assistants, to set who the message appears to come from by replacing the originating mobile number (Sender ID) with alphanumeric text
• Spoofing has both legitimate uses (setting the company name from which the message is being sent, setting your own mobile number, or a product name) and illegitimate uses (such as impersonating another person,
Call Spoofing
• Caller ID spoofing is the practice of causing the telephone network to indicate to the receiver of a call that the originator of the call is a station other than the true originating station
Security Services Offered by Endava
• Regular External and Internal Vulnerability Scans
• Regular Penetration Tests
• PCI-DSS Assessment
• Implementing ISO 27001 and/or ISO 9001 Standards
• Security Trainings
• Security Consultation
• Security Audits
• Custom Security Solution
• Intrusion Monitoring Solution