Tuesday, July 16, 2013

Penetration Testing

With rising security threats and increasing demand for information security professional around the globe, it is important to get deep understanding of different penetration techniques and tools. This expert course can benefit the administrators seeking career shift to information security domain and can also help the professionals already in the information security domain by gaining further knowledge in the field. Below are few benefits:

Learn penetration testing methodology
Ensure system/network security
Identify the vulnerable systems and mitigate them
Assess your network from a hackers perspective
Apply countermeasures to protect an organization from security breaches

Mandatory Pre-requisites

Familiarity with both Windows and Linux operating systems
Understanding of TCP/IP

Helpful Pre-requisites

Knowledge of Networking Protocols

Establishing the Base

Information Security Goals
Five Principles to Remember
TCP/IP Stack Review
Network Security Basics
What are Vulnerabilities?
Understanding the Risks Posed by Vulnerabilities

Vulnerability Assessment

Introduction
Footprinting
Scanning
Enumeration
Discovering Vulnerabilities
Importance of seeking out Vulnerabilities

Footprinting

Introduction
Why is Footprinting Necessary?
WHOIS & DNS Enumeration
DNS Interrogation
Network Reconnaissance

Footprinting Tools

Whois lookup, Wikto
Online Tools – Samspade, What is MyIP
DNS Enumerator – nslookup
Traceroute – Neo Trace, VisualRoute
Tracing Emails – VisualRoute Mail Tracer, eMailTracker Pro

Google Hacking

Google Searching with Advanced Operators
Directory Listings
Locating Directory Listings
Finding Specific Directories
Finding Specific Files
Server Versioning
Directory Traversal
Extension Walking
Network Mapping
Locating Vulnerable Targets
Searching for Usernames, Password & Secrets
Google Hacking Database (GHDB)
Tools- Site Digger, Google Hacks

Scanning

Determining if the System is Alive
Determining which Services are Running or Listening
Scan Types
Identifying TCP and UDP Services Running
Windows-Based Port Scanners
Port Scanning Breakdown
Daemon Banner Grabbing
Firewall Detection
Detecting the Operating System
Active Stack Fingerprinting
Passive Stack Fingerprinting
Behind the Proxies
Proxy Servers
Anonymizers
Proxy Chaining- The Onion Routing (TOR)
Scanning Tools- Superscan, Xprobe, Netcat, TOR, Nmap, GFI Languard, Nessus

Enumeration

Enumerating Remote Maintenance Services
FTP
SSH
Telnet
R-Services
X-Windows
Remote Desktop
VNC

Enumerating Remote Information Service

DNS
Finger
Auth
NTP
SNMP
LDAP
rwho

Enumerating Web Servers

Fingerprinting Web Servers
Enumerating Virtual Hosts
Investigating known Vulnerabilities
Basic Web Server Crawling

Enumerating Database Services

MS SQL Server
MySQL
Oracle

Enumerating Mail Services

SMTP
POP3
IMAP

Enumerating Windows Networking Services

RPC
NetBIOS
Tools- Nbtstat, Httprint, Wikto, Brutus, RpcScan

Penetrating the System

Sniffing
Man In The Middle Attack
Buffer Overflows
Exploiting Network Services with Metasploit
Exploiting End User Applications with Metasploit
Extracting and Cracking Passwords
Privilege Escalation
Gaining Access to Remote Control

Executing Applications

Key Loggers
Spywares
Trojans and Backdoors
Hiding and Covering the Tracks
Tools- Wireshark, Cain and Abel, Hydra, John the Ripper, Metasploit, VNC, Fpipe

No comments:

Cyber Security

Cyber Security - Securing Your Business

View the latest
Copy of Advance

The official publication of ADS Group

Find out More

ADS Events

Less - + More

Cyber Security - Securing Your Business

/ Security / Cyber Security - Securing Your Business

Cyber threats to your Business
Where can you go for advice and support?
CPNI - The Full Picture

Cyber threats to your Business

Why does cyber security matter to you?

The government has classed cyber attacks as one of the four most significant risks to national security. Suppliers must recognise customer concerns and take steps to address them.
Cyber insecurity poses a real risk for companies’ reputations, bottom lines and share prices. Successful attacks can disrupt business operations and production cycles, cause products to fail, result in customers losing confidence in you as a supplier, and force you to redevelop to products.
Hostile states and competitors are interested in information on mergers and acquisitions activity, joint venture intentions, strategic direction and Intellectual Property.
Apart from the theft of sensitive business information, there is also the threat that cyber-based systems can be disrupted to prevent normal service. A denial-of-service (DoS) attack could, for example, prevent customers from accessing key websites, such as those for sales. Industrial controls systems can also be disrupted.
The cost of a cyber-security breach is estimated to be between £450,000 to £850,000 for large businesses and £35,000 to £65,000 for smaller ones.
The rise in cyber crime is most noticeable for small businesses; they’re now experiencing incident levels previously only seen in larger organisations.
As Primes take steps to improve their own cyber security, attackers are targeting companies in the broader supply chain. The supply chain is only as strong as its weakest link. All companies – and government – are in this together.

The government's '10 Steps to Cyber Security' notes that:

Information is critical to today's business

Information and the techologies that are used to store and process it are vital to the success of your business. Intellectual property, confidential or sensitive data provide a competitive advantage, one in which other less scrupulous organisations would be verk keen to get hold off. At the same time, the need to access and share information more widely, using a broad range of connecting technologies is increasing the risk to the corporate information base.

Compromise of information assets can damage companies

A single successful attack could destroy a company's financial standing or reputation. Information compromise can lead to material financial loss through loss of productivity, of intellectual property, reputational damage, recovery costs, investgative time, regulatory and legal costs.

Many players pose a risk to information

There are many types of people who pose a risk to business information assets:

Cyber Criminals - interested in making money from fraud or from the sale of valuable information
Industrial Competitors and Foreign Intelligence Services - interested in gaining an economic advantage for their own companies or countreis
Hackers - those who find interfering with computer systems an enjoyable challenge
Hacktivists - those who wish to attack companies for political or ideological motives
Employees - or those who have legitimate access, either by accident or deliberate misuse.

Examples of the impact on business

The attached PowerPoint file gives two examples which show the real impact successful cyber attacks can have on companies, including causing a loss of revenue (by forcing a company office to close for a period of time) and loss of reputation and products (by diverting items in transit). These examples are from companies in the defence sector.

Cyber attacks - examples of the impact (102.0 KB)

Where can you go for advice and support?

1. '1O Steps to Cyber Security' Guidance

The governmemt has published guidance for companies which is available here: www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility and www.gov.uk/government/publications/cyber-security-what-small-businesses-need-to-know.

2. CPNI's Cyber Risk Management Advice and Cyber Security Guidance

The Centre for the Protection of National Infrastructure (CPNI) protects national security by providing protective security advice (covering physical, personnel and cyber security) to the UK's Critical National Infrastructure (CNI). CPNI works to raise awareness at Board level as well as at a technical level across the CNI. Cyber security advice and guidance is available on the CPNI website at: www.cpni.gov.uk, for example:

Strategic and technical: 20 critical security controls for effectivecyber defence Technology-specific advice: examples include mobile devices, SCADA security and cloud computing
Personnel security advice: security culture and awareness; employee risk management and risk assessment guidance
Threat-based: examples include distributed denial of service, spear phishing, insider misuse of IT, online reconnaissance.

3. CPNI's Cyber Risk Advisory Service

The Cyber Risk Advisory Service delivers advice to senior executives and board members of the UK’s most economically important companies and academic institutions, to inform their understanding of the impact of cyber threats, and the effect on the long-term performance and competitiveness of the organisation.The in-depth support provided assists executives in reviewing their corporate risk management strategy, helping them to interpret the cyber threat and determine the organisation’s exposure (risk). This service is only available to organisations which meet specific eligibility requirements. For more information, please email enquiries@cpni.gsi.gov.uk.

4. Certified advice and providers

CESG, the information security arm of GCHQ, works closely with the cyber security industry to enable industry to provide certified cyber security services to government and to industry. These services are provided by a variety of companies including specialist SMEs, audit houses, major consultancies, and multinational companies. Services include:

Risk management consultancy through the CESG Listed Advisor scheme (CLAS): www.cesg.gov.uk/servicecatalogue/CLAS/Pages/CLAS.aspx
Penetration testing of networks and systems to assess their ulnerability to an attacker through the CHECK scheme: www.cesg.gov.uk/servicecatalogue/CHECK/Pages/index.aspx - and the industry body's equivalent run by the Council of Registered Ethical Security Testers, CREST: www.crest-approved.org
Cyber Incident Response through a twin track approach ncompassing a broadly based CREST (Council of Registered thical Security Testers) scheme endorsed by GCHQ and CPNI, and a small, focused GCHQ and CPNI scheme designed to respond to sophisticated, targeted attacks against networks of national significance. See: www.cesg.gov.uk/servicecatalogue/cir/Pages/Cyber-Incident-Response.aspx

5. Cyber Security Information Sharing Partnership (CISP)

The CISP facilitates the sharing of information and intelligence on cyber security threats in order to make UK businesses more secure in cyberspace. The CISP includes a secure online collaboration environment where government and industry (both large and SME) partners can exchange information on threats and vulnerabilities in real time. Companies can also ask for specific advice from the government's fusion cell through CISP, free of charge. www.cisp.org.uk

6. ActionFraud

Action Fraud is the UK’s single point for reporting all fraud and online financial crime. Crime can be reported online 24 hours a day, seven days a week, and the Action Fraud call centre can also be contacted to report crimes during working hours and at the weekend. When a serious threat or new type of fraud is identified, Action Fraud will place an alert on its website which contains advice for individuals and businesses to protect themselves from becoming victims of fraud. www.actionfraud.police.uk

CPNI - The Full Picture

Produced by the CPNI, the above video provides an example of the associated risks of a SME from a cyber attack.

Last modified : January 23, 2014

Way2Security

Blog Archive

Tuesday, July 16, 2013

Penetration Testing

Mandatory Pre-requisites

Helpful Pre-requisites

No comments: