Worm,
Spyware,
- Disruption to the process
- Financial damage / loss of assets / data
- Damage to the image / reputation of the company
- To suit needs of business partner
- Creating a public perception of IT security Products
- Handling threats and weaknesses of IT with optimal condition
Regulation
has value to an organization and consequently needs to be suitably protected. Whatever form the information takes, or means by which it is shared or stored, it should always be appropriately protected.
Business Asset
Tangible Asset:
- Physical Assets
- Software Assets

Intangible Asset:
- Information Assets (Electronic & Non Electronic)
- Services
- People
- Company Image / Reputation
TCP/IP
- An acronym that stands for Transmission Control Protocol/Internet Protocol
- TCP/IP is the language of the Internet
- Communications Protocol
TCP/IP Attack
- Basic Attack
- Ping of Death
- Land Attack
- SYN Flood
- Smurf
- Man in the Middle Attack (MITM)
- ARP Spoofing
- etc.
The OWASP top 10 Attack Web Application Security Risk for 2010
- A1: Injection
- A2: Cross-Site Scripting (XSS)
- A3: Broken Authentication and Session Management
- A4: Insecure Direct Object References
- A5: Cross-Site Request Forgery (CSRF)
- A6: Security Misconfiguration
- A7: Insecure Cryptographic Storage
- A8: Failure to Restrict URL Access
- A9: Insufficient Transport Layer Protection
- A10: Unvalidated Redirects and Forwards
Penetration testing is the practice of a trusted third-party company attempting to compromise the computer network of an organization for the purpose of assessing its security.
A penetration tester is an ethical hacker who is hired to attempt to compromise the network of a company for the purpose of assessing its data security.
(Penetration Tester)
Bad Guy:
- No Code of Ethics
- Unauthorized
- Attempts to Bypass Logging
- No Report
- Exploit Vulnerabilities

Good Guy:
- Follow a Strict Code of Ethics
- Must Have Authorization
- Must Log All Activity
- Must Present a Detailed Report
- Attempts to Correct Vulnerabilities
Type of Penetration
BlackBox Testing
Provide the Penetration Tester with complete knowledge of the infrastructure, network diagram, and IP address information.
GrayBox Testing
Phases
Planning Phase
- Identification of contact individuals from both sides
- Opening meeting to confirm the scope, approach and methodology
- Agree to specific test cases and escalation paths
Assessment Phase
1. Information Gathering
2. Network Mapping
3. Vulnerability Identification
4. Penetration
5. Gaining Access & Privilege Escalation
6. Enumerating Further
7. Compromise Remote Users/Sites
8. Maintaining Access
9. Covering Tracks
Report Phase
- Describe the identified vulnerabilities
- Provide a risk rating
- Give guidance on the mitigation of the discovered weaknesses
Information Gathering
Information gathering consists of collecting all possible information about the target of the security assessment to help the assessor to perform a thorough security evaluation.
An assessor may be able to gain insight into the target network:
- Employees (name and number of employees, roles, positions and contact details)
- Technology partners (technologies used, locations, computing platforms)
- Business partners (involvement, location, their trust relationship, and so on)
- Business/financial history, investments, and investor details
- Web presence (name and number of domains, where they are hosted, etc.)
- Physical locations (offices, data centers, partners, warehouses)
- Network topology and architecture
- Technologies being implemented on the network
- E-mails, phone numbers, or any other personal information
- Company location, product names, and names of senior managers in the company
- IP block owned
- Administration and maintenance contact for target domain and IP block
Tools
- Ping
- Nmap (Network Mapper)
- Nessus
- Metasploit
- To produce a probable network topology for the target
- Identify live hosts
Nessus
The Nessus vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs and across physically separate networks.
Penetration
Metasploit
WHAT IS IT? The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
WHAT DOES IT DO? The framework consists of tools, libraries, modules, and user interfaces. The basic function of the framework is a module launcher, allowing the user to configure an exploit module and launch it at a target system. If the exploit succeeds, the payload is executed on the target and the user is provided with a shell to interact with the payload.
Interest
Develop Wireless Sensor Network for Medical Health Monitoring 802.1x for Wireless Local Area Network ( Cryptography )