Build Your Own Security Lab


A Field Guide for Network Testing

Michael Gregg

Wiley

Contents

Acknowledgments
Introduction

Chapter 1 Hardware and Gear
  Why Build a Lab?
  Hackers Welcome
  Hacker Software
  Hacker Hardware
  The Essential Gear
  Obtaining Requisite Hardware/Software
  Stuff You Already Have
  New-Equipment Purchases
  Used-Equipment Purchases
  Online Auctions
  Thrift Stores
  Company Sales
  Assembling the Network Lab
  Starting Clean
  Configuring the Network
  Installing Operating Systems
  Windows XP
  Linux
  Connecting Everything Together
  Adding On
  Summary
  Key Terms
  Exercises
  Equipment Checklist
  Exploring Linux Options
  Exploring Other Operating System Options

Chapter 2 Building a Software Test Platform 31
  Server OS Installations 31
  Microsoft Windows 32
  Linux 36
  Navigating in Linux 39
  Linux Basics 41
  Other Operating Systems 44
  Mac OS X 44
  ReactOS 45
  Windows PE 45
  Virtualization 47
  VMware Workstation 48
  VMware Server 51
  Virtual PC 52
  Client-Side Tools 53
  Learning Applications 55
  Summary 56
  Key Terms 57
  Exercises 58
  Using VMware to Build a Windows Image 58
  Using VMware to Build a ReactOS Image 59
  Running BackTrack from VMware 60

Chapter 3 Passive Information Gathering 63
  Starting at the Source 64
  Scrutinizing Key Employees 68
  Dumpster Diving (Electronic) 71
  Analyzing Web Page Coding 74
  Exploiting Web Site Authentication Methods 77
  Mining Job Ads and Analyzing Financial Data 80
  Using Google to Mine Sensitive Information 83
  Exploring Domain Ownership 84
  WHOIS 85
  Regional Internet Registries 88
  Domain Name Server 89
  Identifying Web Server Software 93
  Web Server Location 95
  Summary 96
  Key Terms 97
  Exercises 98
  IP Address and Domain Identification 98

Chapter 4 Detecting Live Systems
  Detecting Active Systems
  Wardriving
  ICMP (Ping)
  Port Scanning
  TCP/IP Basics
  The Network Access Layer
  The Internet Layer
  The Host-to-Host Layer
  The Application Layer
  TCP and UDP Port Scanning
  Advanced Port-Scanning Techniques
  Idle Scan
  Port-Scanning Tools
  Nmap
  SuperScan
  Other Scanning Tools
  OS Fingerprinting
  Passive Fingerprinting
  Active Fingerprinting
  OS Fingerprinting Tools
  Scanning Countermeasures
  Summary
  Key Terms
  Exercises
  Port Scanning with Nmap
  Port Scanning with SuperScan
  Using Look@LAN
  Passive Fingerprinting
  Active Fingerprinting

Chapter 5 Enumerating Systems
  Enumeration
  SNMP Services
  SNMP Enumeration Tools
  SNMP Enumeration Countermeasures
  Routing Devices
  Routing Enumeration Tools
  Routing Enumeration Countermeasures
  Windows Devices
  Server Message Block and Interprocess Communication
  Enumeration and the IPC$ Share
  Windows Enumeration Tools

  Sniffing Password Hashes
  Exploiting a Vulnerability
  Buffer Overflows
  Summary
  Key Terms
  Exercises
  SNMP Enumeration
  Enumerating Routing Protocols
  Enumeration with DumpSec
  Rainbow Table Attacks

Chapter 6 Automated Attack and Penetration Tools
  Why Attack and Penetration Tools Are Important
  Vulnerability Assessment Tools
  Source Code Assessment Tools
  Application Assessment Tools
  System Assessment Tools
  Attributes of a Good System Assessment Tool
  Nessus
  Automated Exploit Tools
  Metasploit
  Metasploit Web
  Metasploit Console
  Metasploit Command-Line Interface
  Updating Metasploit
  ExploitTree
  Exploitation Framework
  Core Impact
  CANVAS
  Determining Which Tools to Use
  Picking the Right Platform
  Summary
  Key Terms
  Exercises
  Metasploit BackTrack
  Metasploit Windows
  Exploring N-Stalker, a Vulnerability Assessment Tool
  Exploring the SecurityForest.com Web Site

Chapter 7 Understanding Cryptographic Systems
  Encryption
  Secret Key Encryption
  Data Encryption Standard
  Triple DES
  Advanced Encryption Standard
  One-Way Functions (Hashes)

  SHA 232
  Public Key Encryption 232
  RSA 233
  Diffie-Hellman 234
  El Gamal 235
  Elliptic Curve Cryptosystem 235
  Hybrid Cryptosystems 235
  Authentication 236
  Password Authentication 237
  Password Hashing 237
  Challenge-Response 240
  Session Authentication 241
  Public Key Authentication 242
  Public Key Infrastructure 242
  Certificate Authority 242
  Registration Authority 243
  Certificate Revocation List 243
  Certificate-Based Authentication 243
  Biometrics 245
  Encryption and Authentication Attacks 247
  Extracting Passwords 248
  Password Cracking 249
  Dictionary Attack 249
  Brute-Force Attack 250
  Rainbow Table 250
  Other Cryptographic Attacks 251
  Summary 252
  Key Terms 253
  Exercises 254
  RainbowCrack 254
  CrypTool 255
  John the Ripper 257

Chapter 8 Defeating Malware 259
  The Evolving Threat 259
  Viruses and Worms 261
  Viruses 261
  Worms 264
  Timeline 265
  Detecting and Preventing 269

  Rootkits
  Spyware
  Botnets
  Phishing
  Summary
  Key Terms
  Exercises
  Virus Signatures
  Building Trojans
  Rootkits
  Finding Malware

Chapter 9 Securing Wireless Systems
  Wi-Fi Basics
  Wireless Clients and NICs
  Wireless Access Points
  Wireless Communication Standards
  Bluetooth Basics
  Wi-Fi Security
  Wired Equivalent Privacy
  Wi-Fi Protected Access
  802.1x Authentication
  Wireless LAN Threats
  Wardriving
  NetStumbler
  Kismet
  Eavesdropping
  Rogue and Unauthorized Access Points
  Denial of Service
  Exploiting Wireless Networks
  Finding and Assessing the Network
  Setting Up Airodump
  Configuring Aireplay
  Deauthentication and ARP Injection
  Capturing IVs and Cracking the WEP Key
  Other Wireless Attack Tools
  Exploiting Bluetooth
  Securing Wireless Networks
  Defense in Depth
  Misuse Detection
  Summary
  Key Terms
  Exercises
  Using NetStumbler
  Using Wireshark to Capture Wireless Traffic

Chapter 10 Intrusion Detection
  Overview of Intrusion Detection and Prevention
  IDS Types and Components
  IDS Engines
  An Overview of Snort
  Platform Compatibility
  Assessing Hardware Requirements
  Installing Snort on a Windows System
  MySQL
  Limiting Access
  Installing the Base Components
  Basic Configuration
  Verification of Configuration
  Building Snort Rules
  The Rule Header
  Logging with Snort
  Rule Options
  Creating and Testing a Simple Rule Set
  The Snort User Interface
  IDScenter
  Installing IDScenter
  Configuring IDScenter
  Basic Analysis and Security Engine
  Advanced Snort: Detecting Buffer Overflows
  Responding to Attacks/Intrusions
  Summary
  Key Terms
  Exercises
  Building a Snort Windows System
  Making a One-Way Data Cable

Chapter 11 Forensic Detection
  Computer Forensics
  Acquisition
  Drive Removal and Fingerprint
  Drive-Wiping
  Logical and Physical Copies
  Logical Copies
  Physical Copies
  Imaging the Drive
  Authentication
  Trace-Evidence Analysis
  Browser Cache
  Email Evidence
  Deleted/Overwritten Files and Evidence
  Other Trace Evidence

  Hiding Techniques
  Common File-Hiding Techniques
  Advanced File-Hiding Techniques
  Steganography
  Antiforensics
  Summary
  Key Terms
  Exercises
  Detecting Hidden Files
  Basic File-Hiding
  Advanced File-Hiding
  Reading Email Headers
  Use S-Tools to Embed and Encrypt a Message

References
