network security testing techniques l.
Skip this Video
Loading SlideShow in 5 Seconds..
Network Security Testing Techniques PowerPoint Presentation
Download Presentation
Network Security Testing Techniques

Loading in 2 Seconds...

play fullscreen
1 / 18
Download Presentation

Network Security Testing Techniques - PowerPoint PPT Presentation

Download Presentation

Network Security Testing Techniques

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Network Security Testing Techniques Presented By:- Sachin Vador

  2. System Development Life Cycle

  3. System Development Life Cycle • 1. Initiation – the system is described in terms of its purpose, mission, and configuration. • 2. Development and Acquisition – the system is possibly contracted and constructed according to documented procedures and requirements. • 3. Implementation and Installation – the system is installed and integrated with other applications, usually on a network. • 4. Operational and Maintenance – the system is operated and maintained according to its mission requirements. • 5. Disposal – the system’s lifecycle is complete and it is deactivated and removed from the network and active use.

  4. When is the Network Security Testing done? • It is done after system has been developed, installed and integrated during Implementation and Operational stages.

  5. Tools and Techniques for Network Security • Network Scanning • Vulnerability Scanning • Password Cracking • Log Reviews • War Dialing • Wireless LAN Testing (War Driving) • Penetration Testing

  6. Network Scanning • Scan for connected hosts • Scan for services running on the host • Scan for which applications are running those services • How Scanning takes place? Ping the hosts using ICMP ECHO and Reply. Look for open TCP/UDP ports. • Operating system fingerprinting. Not reliable as firewalls can be configured to camouflage the operating system.

  7. Network Scanning • Vulnerabilities of IIS different from Apache. • Listen on the remote port. • Banner Grabbing. • Need human to interpret the results. • Preparation for Penetration Testing.

  8. Network Scanning Results • Investigate and disconnect unauthorized hosts • Disable or remove unnecessary and vulnerable services • Modify vulnerable hosts to restrict access to vulnerable services to a limited number of required hosts (e.g., host level firewall or TCP wrappers), and • Modify enterprise firewalls to restrict outside access to known vulnerable services.

  9. Vulnerability Scanning • Takes Network Scanning 1 step ahead. • Maintains database of vulnerabilities in operating systems. • They generate more traffic that port scanners. • Network based Scanners. • Host based Scanners.

  10. Log Reviews • Dynamic picture of system activities. • Conformance with the security policies. • IDS sensors placed behind firewall. • Change Firewall Policies.

  11. War Dialing • Unauthorized modems. • Dialing software can dial hundreds of numbers in short time • Block the inbound calls to the identified number if it is not possible to remove them

  12. War Driving • Wireless Default Configuration is insecure. • Drive Test • Just need wireless network card and testing tools • Frequency of testing

  13. Penetration Testing • It is a method of getting into the system by using the techniques used by the attacker. • Specific IP addresses/ranges to be tested • Any restricted hosts (i.e., hosts, systems, subnets, not to be tested) • A list of acceptable testing techniques (e.g. social engineering, DoS, etc.) and tools (password crackers, network sniffers, etc.) • Times when testing is to be conducted (e.g., during business hours, after business hours, etc.) • Identification of a finite period for testing • IP addresses of the machines from which penetration testing will be conducted so that administrators can differentiate the legitimate penetration testing attacks from actual malicious attacks • Points of contact for the penetration testing team, the targeted systems, and the networks • Measures to prevent law enforcement being called with false alarms (created by the testing) • Handling of information collected by penetration testing team.

  14. Penetration Testing • Blue Teaming • Red Teaming

  15. Phases of Penetration Testing

  16. Phases of Penetration Testing • Planning Phase Goals are set. Permission is taken. No testing. • Discovery Phase Testing starts. Port scanning is used to identify the vulnerabilities. • Executing the attack Exploit the vulnerabilities.

  17. Conclusion • Acceptable use guidelines (e.g., what is acceptable use of organization computing and network resources) • Roles and responsibilities (for users, administrators, management) • Authentication (e.g., passwords, biometrics) • Availability of resources (redundancy, recovery, backups) • Compliance (infractions, consequences and penalties).

  18. Questions ?