Presentation is loading. Please wait.

Presentation is loading. Please wait.

Technical Methodology (bottom-up) Lesson 8. 6-step Process Step 1: Site Survey Step 2: Develop a test plan Step 3: Build the toolkit Step 4: Conduct the.

Published byUnique Osburn Modified over 9 years ago

Similar presentations

Presentation on theme: "Technical Methodology (bottom-up) Lesson 8. 6-step Process Step 1: Site Survey Step 2: Develop a test plan Step 3: Build the toolkit Step 4: Conduct the."— Presentation transcript:

1 Technical Methodology (bottom-up) Lesson 8

2 6-step Process Step 1: Site Survey Step 2: Develop a test plan Step 3: Build the toolkit Step 4: Conduct the assessment Step 5: Analysis Step 6: Documentation

3 Site Survey Need to ascertain a number of different things in order to better scope the technical portion of the assessment. Consider also adding wireless to the questionnaire. Take a look at Exhibit 1 pg. 90, use as appropriate

4 Develop a Test Plan You, as a security professional, will probably be (or at least should be) more “up-to-date” on security vulnerabilities. New ones occur all the time and it is hard for folks who do not have security as their prime function to stay up on all of the latest problems. This will be one of the most valuable aspects of the assessment. But, what if they have a system you don’t know much about? How do you find out about what holes exist? Fortunately, lots of sites exist that will help.

5

6

7

8 Not active

9 Some interesting stuff but not up-to-date

10

11

12

13

14

15

16

17

18

19 Additional Web Sites http://www.ciac.org/ciac/index.html http://www.atstake.com http://www.cerias.purdue.edu/about/history/coast/ http://www2.packetstorm.org:443/ Check Exhibit 8 in your text for additional sites

20 Building the Toolkit Zero-Information-Based Tools Basic information about the company and the network Goal is to “map out” the network Includes tools to examine a target’s Internet presence. Network Enumeration Tools Trying to determine hosts actually connected Operating System Fingerprint Tools Attempt to determine the type of OS(s) used Application Discovery Tools Try to find what applications systems may be running Vulnerability Scanning Tools “one stop shopping”, tools may list specific holes Specialty Tools Designed to look for specific problems (e.g. wardialing, web scanners, password crackers, …)

21 NVA tools Final Two Application tools: check for things like cookie manipulation, URL modification (web apps) Host Testing tools: Stop running tools over the network, run them on individual hosts Exhibit 57, pg 148 from Peltier text

22 Conduct the Assessment Now is the time to run all of those tools you collected in the previous step (note, in reality you may discover something with one tool that will require you to find another tool to test some aspect of the network’s security) Two types of tests: Active which will impact network service (although it may be minor) Passive which will not impact service DoS tests – often not conducted since client will not want network service halted You must also be careful as some active tools may cause a DoS or may actually crash some systems. TEST YOUR TOOLS BEFORE YOU USE THEM!!!

23 Analysis and Documentation Analysis Time to take a look at the results of your tool use. Don’t wait until the end, start analyzing as soon as the tool has completed its test. Results from one tool may prompt other tests Keep all of the raw data. Document every step of the way, this will become part of the final detailed report. You want to know exactly what your tools do and you need to be able to tell the client exactly what test you ran when. You don’t want to be blamed for system problems that you had nothing to do with.

24 Report Chapter 7 of text has sample report Probably will have 2 or three reports Executive summary (may be part of Final or separate report) Final Report – includes recommendations. Technical (detailed) report, will include as appendices the raw data files (often on CD)

25 Summary What is the importance and significance of this material? How does this topic fit into the subject of “Security Risk Analysis”?

Download ppt "Technical Methodology (bottom-up) Lesson 8. 6-step Process Step 1: Site Survey Step 2: Develop a test plan Step 3: Build the toolkit Step 4: Conduct the."

Similar presentations

Approaches to meeting the PCI Vulnerability Management and Penetration Testing Requirements Clay Keller.

Approaches to meeting the PCI Vulnerability Management and Penetration Testing Requirements Clay Keller.
Jane Long, MA, MLIS Reference Services Librarian Al Harris Library.

Jane Long, MA, MLIS Reference Services Librarian Al Harris Library.
Day 4-1-1 anti-virus 3-3-1.anti-virus 1 detecting a malicious file malware, detection, hiding, removing.

Day anti-virus anti-virus 1 detecting a malicious file malware, detection, hiding, removing.
1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.

1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
I NDULGENC E There is no need for oversight or management direction. All staff members are superstars and act in the best interest of the company.

I NDULGENC E There is no need for oversight or management direction. All staff members are superstars and act in the best interest of the company.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Vulnerability Analysis Borrowed from the CLICS group.

Vulnerability Analysis Borrowed from the CLICS group.
Project Report1 Dave Inman Project report. Project Report2 Ways to write a report Top down: Write the structure of the report (maybe use the web templates.

Project Report1 Dave Inman Project report. Project Report2 Ways to write a report Top down: Write the structure of the report (maybe use the web templates.
Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.

Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.
How do Students Choose Which Websites to Utilize when Conducting an Internet Search? Jennifer Newman.

How do Students Choose Which Websites to Utilize when Conducting an Internet Search? Jennifer Newman.
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.
SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.

SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.
1 Presentation ISS Security Scanner & Retina by Adnan Khairi 100183586.

1 Presentation ISS Security Scanner & Retina by Adnan Khairi
Chapter 10 Publishing and Maintaining Your Web Site.

Chapter 10 Publishing and Maintaining Your Web Site.
Penetration Testing.

Penetration Testing.
End of Support Windows Server 2012 R2 Is Your Business Ready?

End of Support Windows Server 2012 R2 Is Your Business Ready?
Performing a Penetration Test.  Penetration Tester  Attempts to reveal potential consequences of a real attack  Security Audit / Vulnerability Assessment.

Performing a Penetration Test.  Penetration Tester  Attempts to reveal potential consequences of a real attack  Security Audit / Vulnerability Assessment.
1 © 2006 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Using the Cisco Technical Support & Documentation Website for Security.

1 © 2006 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Using the Cisco Technical Support & Documentation Website for Security.

Similar presentations

Ads by Google