By Bruce Ellis Western Governors University
Demonstrate the need for updating information systems Build security awareness Inform management of the risk Inform organizations of the potential consequences Most used operating system in the business industry
Failure to apply security patches Failure to update application/software Failure to upgrade operating systems Failure to provide continuous security assessments
UTILIZED BACKTRACK 4OPERATING SYSTEMS TESTED Tested security of Windows Operating Systems using tools from Backtrack 4 Nessus Metasploit Nmap Windows XP SP 1 Windows XP SP 3 Windows Vista Business Windows Server 2003
Scanned systems first using Nessus to find potential vulnerabilities, shares, user accounts, computer name etc. Scanned systems to find open ports Utilized metasploit to set payloads for potential vulnerabilities found using open ports.
Hacking and Penetration Results CRVMRVLRVOPF#VE Windows XP SP Windows XP SP Windows Vista00410 Windows Server CRV= Critical Risk Vulnerabilities MRV= Medium Risk Vulnerabilities LRV= Low Risk Vulnerabilities OPF= Open Ports Found #VE= Vulnerabilities Exploited
Milestones were met as predicted except for successful exploitation of Windows Vista Business
At the beginning of the testing phase there were problems exploiting Windows XP SP 1 due to lack of proficiency in metasploit. Finding detailed information on Backtrack 4 and use of metasploit.