Information Networking Security and Assurance Lab National Chung Cheng University 1 A Vulnerability Assessment NIKTO.

Presentation transcript:

Slide 1: A Vulnerability Assessment: NIKTO

Slide 2: Description
Nikto is a web server scanner that performs comprehensive tests against web servers for multiple items:
- 2600 potentially dangerous files/CGIs
- Versions on over 625 servers
- Version-specific problems on over 230 servers
Nikto supports LibWhisker's anti-IDS methods (IDS evasion).

Slide 3: Description
Nikto performs security or information checks:
- Misconfigurations
- Default files and scripts
- Insecure files and scripts
- Outdated software

Slide 4: Purpose
- To understand what a vulnerability scanner is and why we need it
- To become familiar with the operation of the Nikto vulnerability scanner

Slide 5: Principle and Pre-study
- A look at whisker's anti-IDS tactics
  - An HTTP request defined by RFC 1945
- Types of IDS
  - Smart
  - Raw

Slide 6: IDS evasion
Evasion type: evasion method
1. Method matching: GET /cgi-bin/some.cgi -> HEAD /cgi-bin/some.cgi
2. URL encoding: cgi-bin -> %63%67%69%2d%62%69%6e
3. Double slashes: /cgi-bin/some.cgi -> //cgi-bin//some.cgi
4. Reverse traversal: /cgi-bin/some.cgi -> GET /cgi-bin/blahblah/../some.cgi HTTP/1.0
5. Self-reference directories: cgi-bin/phf -> /./cgi-bin/./phf
6. Premature request ending: GET /%20HTTP/1.0%0d%0aHeader:%20/../../cgi-bin/some.cgi HTTP/1.0\r\n\r\n
7. Parameter hiding: GET /index.htm%3fparam=/../cgi-bin/some.cgi HTTP/1.0
8. HTTP mis-formatting: Method URI HTTP/Version CRLF CRLF -> Method URI HTTP/ Version CRLF CRLF
9. Long URLs: GET /rfprfp rfprfp/../cgi-bin/some.cgi HTTP/1.0
10. DOS/Win directory syntax: "/cgi-bin/some.cgi" -> "/cgi-bin\some.cgi"
11. NULL method processing: GET%00 /cgi-bin/some.cgi HTTP/1.0
12. Case sensitivity: /cgi-bin/some.cgi -> /CGI-BIN/SOME.CGI
13. Session splicing: "GET / HTTP/1.0" -> "GE", "T ", "/", " H", "T", "TP", "/1", ".0"
14. In summary: combine multiple tactics together
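Added example (not part of the original slides): a defender-side Python sketch of the path normalization an HTTP-aware IDS needs before signature matching, so that the evasion forms listed on this slide all resolve to the same path. The function names, signature list and sample request lines are constructed for illustration from the slide's rows; session splicing (row 13) requires TCP stream reassembly first, so the input is assumed to be an already reassembled request line.

```python
import posixpath
import re
from urllib.parse import unquote

# Signature paths taken from the slide's own examples.
SIGNATURES = ("/cgi-bin/some.cgi", "/cgi-bin/phf")

def normalize_target(target: str) -> str:
    """Reduce a request target to one canonical path before matching."""
    path = target.split("?", 1)[0]        # a literal '?' starts the real query
    for _ in range(3):                    # bounded: also undoes double encoding
        decoded = unquote(path)           # rows 2, 6, 7: percent-encoding
        if decoded == path:
            break
        path = decoded
    path = path.replace("\\", "/")        # row 10: DOS/Win directory syntax
    path = re.sub(r"/{2,}", "/", path)    # row 3: double slashes
    path = posixpath.normpath(path)       # rows 4, 5, 9: resolve "." and ".."
    # Row 12: fold case. Assumption: over-matching on a case-sensitive
    # server is acceptable for a detection rule.
    return path.lower()

def match_signature(request_line: str):
    """Return the signature hit by one reassembled request line, else None."""
    # split() treats tabs like spaces (row 8) and leaves "GET%00" as the
    # method token (row 11); the method is ignored, so HEAD matches (row 1).
    parts = request_line.split()
    if len(parts) < 2:
        return None
    path = normalize_target(parts[1])
    return next((s for s in SIGNATURES if s == path), None)

# Constructed sample request lines, one per slide row (row number -> line).
SAMPLES = {
    1: "HEAD /cgi-bin/some.cgi HTTP/1.0",
    2: "GET /%63%67%69%2d%62%69%6e/some.cgi HTTP/1.0",
    3: "GET //cgi-bin//some.cgi HTTP/1.0",
    4: "GET /cgi-bin/blahblah/../some.cgi HTTP/1.0",
    5: "GET /./cgi-bin/./phf HTTP/1.0",
    6: "GET /%20HTTP/1.0%0d%0aHeader:%20/../../cgi-bin/some.cgi HTTP/1.0",
    7: "GET /index.htm%3fparam=/../cgi-bin/some.cgi HTTP/1.0",
    8: "GET\t/cgi-bin/some.cgi\tHTTP/1.0",
    10: "GET /cgi-bin\\some.cgi HTTP/1.0",
    11: "GET%00 /cgi-bin/some.cgi HTTP/1.0",
    12: "GET /CGI-BIN/SOME.CGI HTTP/1.0",
}

if __name__ == "__main__":
    for row, line in SAMPLES.items():
        print(row, repr(line), "->", match_signature(line))
```

A literal `?` is split off before decoding, while an encoded `%3f` is decoded and then resolved as part of the path, which is what makes the parameter-hiding row match.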

Slide 7: Required Facilities
- Permission
  - Do not proceed without receiving the necessary permissions
- Hardware
  - PC or workstation with a UNIX-based OS
- Software
  - Perl
  - Nikto 1.32
  - Net::SSLeay
  - LibWhisker
  - OpenSSL

Slide 8: Step (I): install Nikto
- Install Nikto from the ports tree
- After installing Nikto:
  - patch /usr/local/bin/nikto.pl to indicate the config.txt
  - patch /usr/local/etc/nikto/config.txt to indicate the plugin directory

Slide 9 (figure labels):
- IDS evasion option
- mutate checks option
- IDS evasion method

Slide 10 (figure labels):
- Basic scan information
- Report the result
- Web server banner and basic function
- Report some vulnerability and suggest the solution

Slide 11: Step (II): execute nikto
- Basic scan information
- Report the result
- Web server banner and basic function
- Report some vulnerability and suggest the solution

Slide 12: Step (III): IDS evasion
- Detection with IDS evasion method 1 2 on target

Slide 13: Summary
- CGI exploits are everywhere. It is most important that you scan your own site so that you can see what attackers might see.
- Nikto is an open source web server scanner, written in Perl, which supports SSL. It checks for remote web server vulnerabilities and misconfigurations.

Slide 14: Reference
- Nikto
- Comprehensive Perl Archive Network
- LibWhisker
- A look at whisker's anti-IDS tactics

Slide 15: Outline
- A Real World Attack: wu-ftp
- Vulnerability Scanners
- All-Purpose Tools
- Application Inspection
- TRIPWIRE & MD5