• No results found

Penetration Testing. Presented by

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Penetration Testing. Presented by"

Copied!
29
0
0

Loading.... (view fulltext now)

Download now ( 29 Page )

Full text

(1)

Penetration Testing

(2)

Roadmap



Introduction to Pen Testing



Types of Pen Testing



Approach and Methodology



Side Effects



Demonstration

(3)

Introduction and Fundamentals



Penetration Testing



Definition:

The portion of security testing in which the penetrators attempt to circumvent the security features of a system. The penetrators may be assumed to use all system

design and implementation documentation, which may include listings of system source code, manuals, and circuit diagrams. The penetrators work under no

constraints other than those that would be applied to

(4)

In English?



Concepts explained

 What is the purpose of a penetration test?  What does it try to accomplish?

(5)

Concepts Explained



Purpose

 VERIFY effectiveness of organization’s information

security



Accomplishment

 IDENTIFY and CONFIRM weak areas and potential

risks and threats



Benefits

 OPPORTUNITY to PREPARE prior to an actual

(6)

Penetration Testing



Procedures used to test and possibly bypass

security measures of a system.



Emulate the same methods used by Hackers.



Discover weaknesses within the technical

infrastructure.

(7)

Types of Penetration Testing

Internet Routers Routers Switches Switches Firewalls Firewalls Operating Systems Operating Systems

Services such as HTTP, Telnet, etc.

Services such as HTTP, Telnet, etc. Network

Network

Authentication controls

Authentication controls

Source codes errors

Source codes errors

(8)

Types of Penetration Testing

Network Network Application Application Social Engineering Social Engineering

Wardialing: It is a technique used to identify the phone

numbers that can successfully make a connection with a computer modem.

Wardriving: The act of driving around in a vehicle with a

laptop computer, an antenna, and an 802.11 wireless LAN adapter to exploit existing wireless networks.

Bluesnarfing: Bluesnarfing is the theft of information

from a wireless device through a Bluetooth connection.

It is a collection of techniques used to manipulate people into performing actions or divulging confidential

information.

(9)

Approaches to Penetration Testing

Zero Knowledge

Zero Knowledge Partial KnowledgePartial Knowledge Full KnowledgeFull Knowledge 

 Perform many Perform many

irrelevant tests.

irrelevant tests.



 Failure to test all Failure to test all

relevant platforms. relevant platforms.   Accidentally Accidentally damage network damage network devices or servers. devices or servers. 

 Failure to finish Failure to finish

work in a timely

work in a timely

manner.

manner.



 Reduce the amount of Reduce the amount of

irrelevant tests.

irrelevant tests.



 Reduce the possibility of Reduce the possibility of

damage to network

damage to network

devices or servers.

devices or servers.



 Tailored test Tailored test

according to the according to the network devices or network devices or servers. servers. 

 More detailed tests.More detailed tests. 

 Ability to identify Ability to identify

more issues in

more issues in

platforms that are

platforms that are

critical to the

critical to the

organization.

(10)

Penetration Testing Methodology –

Purpose and Importance

 Methodology determines the success of a

penetration test

 Differentiates between “Structured” and “Unstructured”

mode

 Defines the approach the attackers follow in order to

execute the tests

(11)
(12)

Methodology – Scenery Definition

Internet Web Server Homebanking Email Server Firewall Head Quarter Remote Access Workstations Servers Branch

Person with network access

User with remote access

Person surfing the Internet

Internal user with specific privileges

(13)

Penetration Testing Methodology –

Phase Breakdown and Description



Scope Definition

 Understanding the requirements

 Identifying what needs to be targeted

(14)

Penetration Testing Methodology –

Phase Breakdown and Description



Mapping / Foot-printing

 Understanding the target environment

 Identifying its components and nodes

 Identify as much as possible on the targets and their

surrounding characteristics

(15)

Penetration Testing Methodology –

Phase Breakdown and Description



Information Gathering (Enumeration and

Vulnerability Assessment)

 Proceed with acquiring as much information as

possible on the identified targets

 Identify any potential vulnerabilities

 Determine the possible exploitations that apply

 Pre-assess likelihood and % of exploitation success  Consideration of any false positives

(16)

Penetration Testing Methodology –

Phase Breakdown and Description

 Intrusion (Exploitation)

 Follow on an Intrusion plan, determined by the information

gathered

 More-to-Less vulnerable hosts  Higher-to-Lower level of risk

 Privilege escalation

 Manual Intrusion attempts

 Scripted/Tool Intrusion attempts

 Ensure on proper carryout and minimize potential for actual

(17)

Penetration Testing Methodology –

Phase Breakdown and Description

 Reporting (Documentation and Presentation)

 Gather all draft annotations and remarks during the previous phases  Remove and clean any exploitation traces and leave systems intact  Organize clear system information and related compromises

 Provide a technical documentation on the steps followed to exploit any

found vulnerabilities

 Provide a technical documentation on the remedy steps and

amelioration techniques

 Provide a management/executive summary on findings and

recommendations

(18)

 Dangerous vs. Safe

 Dangerous exploits or attempts are the ones that can either

cause downtime or damage to an existing system.

 Sometimes are necessary, depending on the level of engagement

(Denial of Service tests)

 Recommended to attain information safely

 Almost always a safe approach can provide the information needed

 Inexperience and or abuse can produce dangerous penetration

tests

(19)

 Intrusive vs. Non-Intrusive

 Intrusive – intent to attack

 Password cracking  SQL injection

 Buffer overflow exploit

 Non-Intrusive - intent to gain information rather than attack

 Information reconnaissance  Port scanning

 Foot-printing  Discovery

 Important to know when to choose

(20)

Penetration Testing Methodology –

Importance of Execution Style



“Trigger-Happy” vs. Professional

 Anyone can “load” a tool and execute scripts

 Inappropriate access  Damage to the system

 Wrong or inefficient results  Improper analysis

 Waste of time

 Professional approach demands adequate analysis

(21)

Penetration Testing Side Effects



Downtime



Data Corruption

(22)

Penetration Testing Side Effects



Downtime

 State of a system being unavailable and/or

neutralized

 Access is denied

 Calls for proper system restoration and/or emergency

failover activities

 Usually costs on productivity, revenue and/or

(23)



Data Corruption and Loss

 Target data and associated repositories become

inaccessible or unavailable

 Access is lost or denied

 Calls for proper system restoration and/or emergency

failover activities

 Usually costs on productivity, revenue and/or

perception

(24)

Penetration Testing Side Effects



Improper Methodology

 Can lead to downtime

 Can lead to data loss

(25)

Penetration Testing Side Effects



Improper Execution

 Can lead to downtime

 Can lead to data loss

(26)

Penetration Testing Side Effects



Inexperienced or improper Tester

 Can lead to downtime

 Can lead to data loss

(27)
(28)
(29)

Contact Information

Enterprise Risk Management

Enterprise Risk Management

Phone: 305.447.6750 Phone: 305.447.6750 Mobile: 305.335.7610 Mobile: 305.335.7610 Fax: 305.447.6752 Fax: 305.447.6752 e

e--mail: mail: [email protected]@emrisk.com

URL:

References

Download now ( PDF - 29 Page - 598.09 KB )

Related documents

Vu Hai Dang_Cam Nang 9 IELTS_February 2017

Hãy nghe 1 câu rồi viết lại, thay vì cắt nhỏ từng từ ra nghe – việc này sẽ giúp bạn ôn luyện khả năng lưu thanh cũng như bắt buộc đầu óc của bạn phải làm việc

Incomes and outcomes : the dynamic interaction of the marriage market and the labor market

Overall, from the simulated data we find that in the U.S., higher spousal wage increases the hazard of wives, and this effect is due to the insurance of spousal income

Course Title: Penetration Testing: Communication Media Testing, 1st Edition

Penetration Testing: Communication Media Testing covers Wireless Network Penetration Testing, Advanced Wireless Testing, VoIP Penetration Testing, VPN Penetration Testing,

Addressing curriculum deficiencies in veterinary public health: a comparison of other health professions’ experiences

training” [59]. The title encompasses the content of the session. Clearly, public health deficiencies in veterinary education are recognized by the AAVMC and ASPH. Should the

OP-AMP AND ITS APPLICATIONS

The adder circuit provides an output voltage proportional to or equal to the algebraic sum of two or more input voltages each multiplied by a constant gain factor.. It is

Design and Implementation of Online Mall Based on Mobile Internet

Client terminal system is based on Android platform and Java language to support the registration of users log in commodities browse and sort the goods searching and sorting,

Web Application Penetration Testing

• Burp Suite Professional v1.3 - High level overview of features • Demo of testing and Burp features. Now the

Cloud Computing Secured. Thomas Mitchell CISSP. A Technical Communication

A cloud can be private or public. A public cloud sells services to anyone on the Internet. Amazon Web Services today is the largest public cloud provider. A private cloud is