DIYTP 2009. Assessing a System - Basics  Why?  Vulnerabilities  What to look at:  The six ‘P’s  Patch  Ports  Protect  Policies  Probe  Physical.

Slides:



Advertisements
Similar presentations
 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,
Advertisements

Penetration Testing & Countermeasures Paul Fong & Cai Yu CS691 5 May 2003.
Chapter 2 Gathering Target Information: Reconnaissance, Footprinting, and Social Engineering.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
Information Networking Security and Assurance Lab National Chung Cheng University Network Security (I) 授課老師 : 鄭伯炤 Office: Dept. of Communication Rm #112.
Forces that Have Brought the world to it’s knees over the centuries.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Network Security Testing Techniques Presented By:- Sachin Vador.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Chapter 5 Phase 1: Reconnaissance. Reconnaissance  Finding as much information about the target as possible before launching the first attack packet.
Reconnaissance Steps. EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Payment Card Industry (PCI) Data Security Standard
Authorization and Policy. Is principal P permitted to perform action A on object O? – Authorization system will provide yes/no answer Authorization.
Penetration Testing.
Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
 Find out initial information ◦ Open Source ◦ Whois ◦ Nslookup  Find out address range of the network ◦ ARIN (American registry for internet numbers)
Information Gathering Lesson 4. Steps for Gathering Information Find out initial information Open Source Whois Nslookup Find out address range of the.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
GCSE ICT Viruses, Security & Hacking. Introduction to Viruses – what is a virus? Computer virus definition - Malicious code of computer programming How.
1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.
Karlstad University Introduction to Vulnerability Assessment Labs Ge Zhang Dvg-C03.
Endpoint Control. Module Objectives By the end of this module participants will be able to: Define application detection lists to monitor applications.
CERN’s Computer Security Challenge
Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.
Attack Lifecycle Many attacks against information systems follow a standard lifecycle: –Stage 1: Info. gathering (reconnaissance) –Stage 2: Penetration.
CIS 450 – Network Security Chapter 3 – Information Gathering.
COEN 350 Security Threats. Network Based Exploits Phases of an Attack  Reconnaissance  Scanning  Gaining Access  Expanding Access  Covering Tracks.
TECHNOLOGY GUIDE THREE Protecting Your Information Assets.
1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.
Information Systems Security Operations Security Domain #9.
# Ethical Hacking. 2 # Ethical Hacking - ? Why – Ethical Hacking ? Ethical Hacking - Process Ethical Hacking – Commandments Reporting.
1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.
1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.
Android Mobile Security Krystal Salerno. Introductions.
Network Assessment How intrusion techniques contribute to system/network security Network and system monitoring System mapping Ports, OS, applications.
Note1 (Admi1) Overview of administering security.
Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA © 2002 Carnegie.
Assessing a Target System Source: Chapter 3 Computer Security Fundamentals Chuck Easttom Prentice Hall, 2006.
GCSC August Backup Exec Critical Vulnerability Cannot offer tcp/6101, tcp/6106 & tcp/10000 to offsite Will be scanning from offsite soon Strongly.
COEN 250 Security Threats. Network Based Exploits Phases of an Attack Reconnaissance Scanning Gaining Access Expanding Access Covering Tracks.
Small Business Security Keith Slagle April 24, 2007.
Module 11: Designing Security for Network Perimeters.
Footprinting and Scanning
James S. Rothfuss, Computer Protection Program COMPUTING SCIENCES NETS Network Equipment Tracking System.
Network Reconnaissance CS490 - Security in Computing Copyright © 2005 by Scott Orr and the Trustees of Indiana University.
JMU GenCyber Boot Camp Summer, Introduction to Reconnaissance Information gathering – Social engineering – Physical break-in – Dumpster diving Scanning.
ONLINE SAFETY AND SECURITY Computer Basics 1.5. INFAMOUS CYBER ATTACKS IN 2014 Sony Pictures: Attackers stole just about everything in the corporate network,
“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.
Footprinting/Scanning/ Enumeration Lesson 9. Footprinting External attack: Enables attackers to create a profile of an organization’s security posture.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
BizSmart Lunch & Learn Webinar Information Security and Protecting your business With the increased risk of some sort of cyber- attack over the past few.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
General Information: This document was created for use in the "Bridges to Computing" project of Brooklyn College. You are invited and encouraged to use.
Department of Computer Science Introduction to Information Security Chapter 7 Activity Security Assessment Semester 1.
WHAT IS FOOTPRINTING?. FOOTPRINTING  Active  Passive - Passive footprinting is a method in which the attacker never makes any contact with the target.
Working at a Small-to-Medium Business or ISP – Chapter 8
Footprinting and Scanning
Secure Software Confidentiality Integrity Data Security Authentication
Footprinting (definition 1)
Footprinting and Scanning
FootPrinting CS391.
Learning objectives By the end of this unit you should: Explain
Chapter 4: Protecting the Organization
How hackers do it Ron Woerner Security Administrator CSG Systems, Inc.
6. Application Software Security
IP Addresses & Ports IP Addresses – identify a device on a network
Presentation transcript:

DIYTP 2009

Assessing a System - Basics  Why?  Vulnerabilities  What to look at:  The six ‘P’s  Patch  Ports  Protect  Policies  Probe  Physical

Assessing a System - Basics  Patches  First rule of computer security  Patches are released for all types of software, all the time  MUST BE UP-TO-DATE!!  Organization should have a patch management policy/system

Assessing a System - Basics  Ports  Should be managed by ‘least privilege’ principle  Ports which are not needed, should be shut down  ….as well as their associated services  Protect  Protective software/devices should be used  Firewall  IDS  Anti-virus

Assessing a System - Basics  Policies  Should be reviewed periodically as organizational needs and software/hardware changes  Types:  Acceptable use (i.e. , Internet use)  Disaster recovery  Password

Assessing a System – Basics  Probe  Take a look and see what the network looks like  Should use multiple analysis tools to assess your network  Look for security flaws  Should be scheduled regularly

Assessing a System - Basics  Physical  Policy or procedures should address how systems are secured  Do they need to be locked up?  Backup media  Is it stored in a secure location? (i.e. fireproof safe)  Routers/switches/hubs  Who has access?  How should it be secured?

Assessing a System – Initial Reconnaissance  Tools  Nslookup  IP addresses  Records for domain  Whois  Owner of a domain, IP address  ARIN  IP address allocation

Assessing a System – Initial Reconnaissance  Netcraft  What the target is running  VisualRoute  Visual traceroute to target  Sam Spade  Multiple tools in one package

Assessing a System – Social Engineering  Social Engineering  People are security’s weakest link  Many attack vectors  Impersonation  Dumpster diving  Shoulder surfing

Assessing a System - Scanning  Common Tools:  Nmap and Nessus  Finds hosts  Operating system  Firewalls  Vulnerabilities  Ping  IP Connectivity  Traceroute  Maps out route to target