
Chapter 12


Presentation Transcript


  1. Chapter 12 Security Testing

  2. Objectives
     In this chapter, you will:
     • Discuss the benefits and legal concerns of security testing
     • Learn reconnaissance techniques used by abusers
     • Recognize network probes
     • Study how security vulnerabilities can be exploited

  3. Benefits and Legal Concerns
     • Benefits
     • Determines if current security controls are sufficient
     • Network and systems can be viewed from the “outside”
     • Determines if current security controls have been implemented

  4. Benefits and Legal Concerns
     • Legal Concerns
     • Breaking into systems is illegal
     • Waiver should be used to cover activities

  5. Reconnaissance
     • Company information search
     • Company Web site
     • Newsgroups
     • Search engines (e.g., Google.com)
     • EDGAR
     • Media

  6. Reconnaissance
     • Technical searches
     • Domain name translation
     • IP lookups
     • Nslookup
     • Whois
     • ARIN
     • Samspade.org

  7. Reconnaissance

  8. Probing the Defenses
     • Operating system utilities
     • Ping
     • Traceroute
     • Telnet
     • FTP
     • Nbtstat

  9. Probing the Defenses

  10. Probing the Defenses

  11. Probing the Defenses

  12. Probing the Defenses
     • Other security tools
     • Port scanners (e.g., nmap)
     • Vulnerability scanners (e.g., nessus)
     • Detecting a NIC in promiscuous mode
     • Monitor DNS queries
     • Timing tricks
     • OS responses
     • Security tools

  13. Probing the Defenses

  14. Probing the Defenses

  15. Exploiting Security Vulnerabilities
     • Establishing a foothold
     • Buffer overflow
     • Stack and heap overflows
     • Staging areas
     • Cache of tools
     • FTP / TFTP
     • Netcat

  16. Exploiting Security Vulnerabilities

  17. Exploiting Security Vulnerabilities
     • Sniffing
     • Monitor network traffic
     • Tcpdump / windump
     • Application exploitation

  18. Exploiting Security Vulnerabilities

  19. Summary
     • Security testing offers three benefits: security professionals can see if IT defenses hold up to attacks; organizations can identify what information about the company is accessible; and testing allows organizations to determine if the vulnerabilities have been fixed.
     • Security testing must be preceded by explicit permission from the target organization. There are three main phases of a security test: reconnaissance, probing, and attacking.
     • Sources, such as search engines, EDGAR, and newsgroups, can provide information about the target company.
     • Nslookup and whois utilities allow testers to find various pieces of information, such as domain names, IP addresses, and contacts.

  20. Summary
     • Ping, traceroute, Telnet, FTP, and nbtstat are utilities that are included with most operating systems and can double as testing tools.
     • Port scanners, such as nmap, provide open services, available servers, and other information about the target organization.
     • Vulnerability scanners, such as nessus, add another level of intelligence gathering by testing for known vulnerabilities.
     • After establishing a foothold in the target environment, attackers can develop a stash of utilities, install sniffers, exploit additional applications, or install additional security exploitation tools to further the attack.
