LPTv4 Module 41 Data Leakage Penetration Testing

ECSA/LPT
EC Council
EC-Council
Mod le XXXXI
Module
Data Leakage Penetration
T ti
Testing
Penetration Testing Roadmap

Start Here
Information
Vulnerability
External
Gathering
Analysis
Penetration Testing
Fi
Firewall
ll
Penetration Testing
Router and
Switches
Internal
Network
Penetration Testing
Penetration Testing
Wireless
Network
Denial of
Service
Penetration Testing
Penetration Testing
IDS
Penetration Testing
Contd
Application
Penetration Testing
EC-Council
Stolen Laptop, PDAs

and Cell Phones
Penetration Testing
Social
Engineering
Password
Cracking
Penetration Testing
Penetration Testing
Copyright by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Penetration Testing Roadmap

(cont d)
(contd)
Contd
Physical
S
Security
i
Database
P
Penetration
i testing
i
VoIP
P
Penetration
i T
Testing
i
War Dialing
VPN
Penetration Testing
Penetration Testing
Virus and
Vi
d
Trojan
Detection
Log
Management
Penetration Testing
Blue Tooth and

Hand held
Device
Penetration Testing
File Integrity
Checking
End Here
Data Leakage
Penetration Testing
EC-Council
Security
Patches
Penetration Testing
Email Security
Penetration Testingg
Telecommunication
And Broadband
Communication
Penetration Testing
Data Leakage
Loss of private and sensitive data affects the financial
condition of an organization, and damages its reputation.
Many companies are worried about data leakage through
email.
EC-Council
Data Leakage Statistics
Source: http://www.networksunlimited.com
EC-Council
How Much Security?
Source: Infowatch, 2007
EC-Council
How Data Can be Leaked

Doors of data leakage:
USB and other removable devices
FTP ports
Bluetooth
Email attachments
Firewire
Memory slots
Spyware and Trojans
EC-Council
What to Protect
Employees information such as names, addresses, social security numbers, and other identity-related
information
Marketing and new product plans
Corporate strategies
Target markets and prospect information
Usual business methods
Product designs,
designs research
research, and costs
Alliance and contract arrangements: delivery, pricing, and terms
Customer and supplier information
Staffing, operations, and wage/salary
Credit records or credit union account information
Trade secrets and intellectual property
EC-Council
Steps for Data Leakage

Penetration Testing
Step 1: Check physical availability of USB devices
Step 2: Check whether USB drive is enabled
Step 3: Try to enable USB
Step 4: Check whether USB asks for password
Step 5: Check whether Bluetooth is enabled
Step 6: Check if the firewire is enabled
Step 7: Check if FTP ports 21,22 are enabled
EC-Council
Steps for Data Leakage

Penetration Testing (cont
(contd)
d)
Step 8: Check whether memory slot is available and enabled in systems
Step 9: Check whether employees are using camera devices within
restricted areas
Step 10: Check whether systems have any camera driver installed
Step 11: Check whether anti-spyware and anti-trojans are enabled
Step 12: Check whether encrypted data can be decrypted
Step 13: Check if the internal hardware components are locked
Step 14: Check whether mail and attachments size is restricted
EC-Council
Step 1: Check Physical

Availability of USB Devices
USB devices are used for bulk data transfer.
A system uses USB devices to transfer the data.
Check the device manager to find the physical availability of USB
devices.
EC-Council
Step 2: Check Whether USB

Drive is Enabled
A USB drive is directly connected to the computer through USB port and is used
for data transfer.
Check whether USB drive is enabled or disabled.
EC-Council
Step 3: Try to Enable USB

If the USB is disabled, try to enable the USB.
If you are able to enable the device, it means that the user has admin
privileges, which should not be the case for normal users.
EC-Council
Step 4: Check Whether USB

Asked for Password
Most USB devices are secured with a password.
password
Check whether the device is asked for authentication after it
is connected to the system.
EC-Council
Step 5: Check Whether Bluetooth

is Enabled
Some systems have built
built-in
in Bluetooth
connectivity options.
Check whether these connections are

enabled.
Try to enable such connection.

If you are able to enable the device, it
means that the user has admin
privileges which should not be the case
privileges,
for normal users.
EC-Council
Step 6: Check if the Firewire is

Enabled
Firewire is used to transfer data at a
hi h speed.
higher
d
It transfers data upto 400 Mbps.
Mbps
It is also known as IEEE 1394.

1394
Check whether firewire is enabled
or not.
Go to the DOS window and type
ipconfig/all.
EC-Council
Step 7: Check if FTP Ports 21 and

22 are Enabled
Check whether FTP ports 21 and 22 are enabled or not.
Check the firewall settings to see if the ports are blocked.
EC-Council
Step 8: Check Whether any Memory Slot is

Available and Enabled in Systems
y
There are manyy memoryy slots p
present on the system,
y
, such as RAM slots,,
SRAM slots, and virtual memory slots.
Check for all available memory slot in the system.
Use the slot manager which creates slot information record for each
memory slot.
Slot manager identifies all the memory resources and creates a slot
resource table.
EC-Council
Step 9: Check Whether Employees are

Using Camera Devices within Restricted
Areas
Employees
p y
with camera devices can easilyy capture
p
confidential data in
their device.
Illegal use of such devices in restricted/sensitive areas leads to data
leakage.
EC-Council
Step 10: Check Whether Systems have

Anyy Camera Driver Installed
Check whether the system

y
has
any camera driver installed.
The image cannot be display ed. Your computer may not hav e enough memory to open the image, or the image may hav e been corrupted. Restart y our computer, and then open the file again. If the red x still appears, y ou may hav e to delete the image and then insert it again.
Go to My Computer
PropertiesHardwareDevi
ce Manager
EC-Council
Step 11: Check Whether AntiSpyware and Anti-Trojans are

E bl d
Enabled
Check whether anti-spyware
py
and anti-Trojans
j
are enabled
or not.
Send
S
d malicious
li i
programs to the
h system and
d check
h k whether
h h
these anti-spyware detects it or not.
EC-Council
Step 12: Check Whether Encrypted

be Decrypted
yp
Data Can b
Data encryption technique protects organizations vital
information against unauthorized users.
Use cryptanalysis tools to decrypt the encrypted
information.
Cryptanalysis tools:
Jipher
Crank
EC-Council
Step 13: Check if the Internal

p
are Locked
Hardware Components
Check whether internal hardware components
such as LAN/WLAN and PCMCIA cards are
locked or not.
EC-Council
Step 14: Check Whether Size of Mail

and Mail Attachments is Restricted
Check the size limits for mails and mail attachments.
For Microsoft Exchange Server, Go to the mailbox properties

mail flow setting tab and open the message size restriction
di l box
dialog
b tto check
h k th
the size
i off th
the ttransferred
f
d and
d received
i d mail.
il
Try to
T
t send
d the
th attachment
tt h
th
having
i more size
i th
than th
the d
defined
fi d
limit.
EC-Council
Data Privacy and Protection Acts

G
Gramm-Leach-Bliley
y
Health Insurance Portability and Accountability Act
(HIPAA)
The Patriot Act
Data Protection Act
Sarbanes Oxley Act (SOX)

EC-Council
Data Protection Tools

VIP Privacy
Safend Protector
VISOCO Data Protection Master

CryptEnCrypt
Reconnex's iGuard
Steganos Security Suite
Data Protection Software
FolderAccess
LockFolder
EC-Council
Private InfoKeeper
QwikSecure File Protection
System
Summary
Loss of private and sensitive data affects the financial condition and
reputation of the organization.
organization
Employees information such as names, addresses, and social security
p
numbers must be protected.
Doors of data leakage are USB, FTP ports, Bluetooth, email attachment,
firewire, memory slots, spyware, and Trojans.
Check physical availability of USB devices and try to enable them.
Check whether Bluetooth, firewire, and FTP ports are enabled.
Check whether anti-spyware and anti-Trojans are enabled.
EC-Council
EC-Council
EC-Council

LPTv4 Module 41 Data Leakage Penetration Testing

Încărcat de

Informații document

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

LPTv4 Module 41 Data Leakage Penetration Testing

Încărcat de

Drepturi de autor:

Formate disponibile

ECSA/LPT

Penetration Testing Roadmap

Stolen Laptop, PDAs

Penetration Testing Roadmap

Blue Tooth and

Data Leakage Statistics

How Much Security?

Source: Infowatch, 2007

How Data Can be Leaked

Steps for Data Leakage

Steps for Data Leakage

Step 1: Check Physical

Step 2: Check Whether USB

Step 3: Try to Enable USB

Step 4: Check Whether USB

Step 5: Check Whether Bluetooth

Check whether these connections are

Try to enable such connection.

Step 6: Check if the Firewire is

It is also known as IEEE 1394.

Step 7: Check if FTP Ports 21 and

Check the firewall settings to see if the ports are blocked.

Step 8: Check Whether any Memory Slot is

Check for all available memory slot in the system.

Step 9: Check Whether Employees are

Step 10: Check Whether Systems have

Check whether the system

Step 11: Check Whether AntiSpyware and Anti-Trojans are

Step 12: Check Whether Encrypted

Step 13: Check if the Internal

Step 14: Check Whether Size of Mail

Check the size limits for mails and mail attachments.

For Microsoft Exchange Server, Go to the mailbox properties

Data Privacy and Protection Acts

Data Protection Act

Sarbanes Oxley Act (SOX)

Data Protection Tools

VISOCO Data Protection Master

S-ar putea să vă placă și