CIT 480: Securing Computer Systems


Vulnerability Scanning and Exploitation Frameworks

Vulnerability Scanners
Vulnerability scanners are automated tools that scan hosts and networks for potential vulnerabilities, including:
  Configuration errors
  Known unpatched vulnerabilities

Vulnerability Databases

Advantages
Vulnerability scanners can identify thousands of potential security issues:
  Automatically and quickly.
  On a regular basis, to ensure no systems have become vulnerable.
Can identify problems missed by administrators, or introduced by administrator misconfiguration.
Lets security staff know where problems exist.
Essential part of defense in depth.

Drawbacks
Results are only as good as the vulnerability database.
  Must keep the vulnerability database up to date.
Some reported vulnerabilities are false positives.
  Must check for the existence of the actual vulnerability.
  Configure the scanner to ignore confirmed false positives in future scans.
Human attackers are better than scanners.
  Can use zero-day vulnerabilities not found in the database.
  Can find misconfigurations or combinations of security problems that lead to vulnerabilities the scanner cannot find.
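The two drawbacks above (stale database, false positives) and the later point that an exploitation framework is used to verify scanner results suggest a small triage step between the scanner and the ticket queue. The following Python is an added example, not part of the slides or of any scanner product: it suppresses findings that were verified by hand as false positives, expires those suppressions so hosts get re-checked, warns when the vulnerability feed is older than an assumed policy limit, and ranks what remains by severity. The finding identifiers, hosts and dates are constructed.

```python
from dataclasses import dataclass
from datetime import date, timedelta

@dataclass(frozen=True)
class Finding:
    host: str
    port: int
    vuln_id: str      # scanner check identifier (constructed values below)
    severity: float   # CVSS-style score, 0.0 to 10.0

@dataclass(frozen=True)
class Suppression:  # a finding verified by hand to be a false positive on one host:port
    host: str
    port: int
    vuln_id: str
    verified_on: date
    valid_days: int = 90  # suppression expires so the host is re-checked later

MAX_FEED_AGE_DAYS = 7  # assumed policy: warn when the vulnerability feed is older than this

def triage(findings, suppressions, feed_updated, today):
    """Drop suppressed findings, warn about stale data, return the rest by severity (highest first)."""
    warnings = []
    feed_age = (today - feed_updated).days
    if feed_age > MAX_FEED_AGE_DAYS:
        warnings.append(f"vulnerability feed is {feed_age} days old; newer issues may be missed")
    active = set()
    for s in suppressions:
        if today <= s.verified_on + timedelta(days=s.valid_days):
            active.add((s.host, s.port, s.vuln_id))
        else:
            warnings.append(f"suppression of {s.vuln_id} on {s.host}:{s.port} expired; re-verify")
    actionable = [f for f in findings if (f.host, f.port, f.vuln_id) not in active]
    actionable.sort(key=lambda f: (-f.severity, f.host, f.port))
    return actionable, warnings

# Constructed sample data, not output from a real scanner.
FINDINGS = [
    Finding("10.0.0.5", 445, "smb-netapi-rce", 10.0),
    Finding("10.0.0.5", 80, "http-trace-enabled", 4.3),
    Finding("10.0.0.7", 22, "ssh-weak-mac", 2.6),
    Finding("10.0.0.9", 80, "http-trace-enabled", 4.3),
]
SUPPRESSIONS = [
    Suppression("10.0.0.5", 80, "http-trace-enabled", date(2024, 1, 10)),  # still valid on 2024-03-01
    Suppression("10.0.0.7", 22, "ssh-weak-mac", date(2023, 10, 1)),        # expired by 2024-03-01
]

def run_demo():
    return triage(FINDINGS, SUPPRESSIONS, feed_updated=date(2024, 2, 10), today=date(2024, 3, 1))
```

Note that the suppression is keyed on host, port and check id together, so the same check firing on a different host (10.0.0.9 here) still reaches the queue.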

Vulnerability Scanners
http://sectools.org/tag/vuln-scanners/

OpenVAS Architecture
http://www.openvas.org/about.html

OpenVAS In-progress Scans
http://www.openvas.org/img/gsa-screenshot.png

OpenVAS Vulnerability Report
http://www.openvas.org/img/gsa-screenshot.png

Exploitation Frameworks
Exploitation frameworks allow users to:
  Choose and configure an exploit from a database of exploits.
  Launch exploits against specified targets to verify whether a vulnerability is present.
Useful for:
  Verifying vulnerability scanner results.
  Performing penetration tests.
  Convincing management that a problem exists.

Exploitation Frameworks

Metasploit Architecture
http://www.offensive-security.com/metasploit-unleashed/Metasploit_Architecture

Metasploit Interfaces
msfconsole: interactive command line interface.
msfcli: non-interactive command line interface, e.g.
  msfcli windows/smb/ms08_067_netapi RHOST=192.168.56.101 PAYLOAD=windows/shell/bind_tcp
Armitage: interactive graphical interface.

Exploit Configuration
OS and application version
  Variants of the exploit may need to be chosen.
Target selection
  IP address and port.
Payload selection
  Select shellcode type, e.g. shell or desktop.
Encoding
  Encoding of the exploit avoids IPS or AV detection.

Payloads
Bind shell
  Opens a port on the exploited host offering a shell with no password required.
Reverse shell
  Target makes a connection back to a listening port on one of your servers, offering a shell.
Remote desktop
  Remote desktop using RDP, VNC, NX, or X.
Meterpreter
  Advanced payload with post-exploitation modules, including key logging, sniffing, hash dumping, etc.
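The bind-shell and reverse-shell descriptions above map directly onto two host-level detection rules, shown here as an added Python example that is not part of the slides: a bind shell appears as a listener on a port outside the host's baseline, and a reverse shell appears as a shell process holding an outbound connection to an address outside the internal ranges. The internal networks, baseline ports, shell process names and the netstat-style records are all constructed assumptions.

```python
import ipaddress

# Assumed environment, constructed for this example: internal ranges, the
# ports this server is expected to listen on, and process names that are shells.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8"), ipaddress.ip_network("192.168.0.0/16")]
BASELINE_LISTENERS = {22, 445}
SHELL_PROCESSES = {"cmd.exe", "powershell.exe", "sh", "bash", "dash"}

# Constructed netstat-style records: proto local remote state process.
SAMPLE_CONNECTIONS = [
    "tcp 0.0.0.0:22 0.0.0.0:* LISTEN sshd",
    "tcp 0.0.0.0:445 0.0.0.0:* LISTEN smbd",
    "tcp 0.0.0.0:4444 0.0.0.0:* LISTEN cmd.exe",
    "tcp 10.0.0.5:49152 203.0.113.7:443 ESTABLISHED cmd.exe",
    "tcp 10.0.0.5:445 10.0.0.20:51022 ESTABLISHED smbd",
    "tcp 10.0.0.5:49153 192.168.1.2:389 ESTABLISHED lsass.exe",
]

def parse_connection(line):
    proto, local, remote, state, proc = line.split()
    lhost, lport = local.rsplit(":", 1)
    rhost, rport = remote.rsplit(":", 1)
    return {"proto": proto, "lhost": lhost, "lport": int(lport),
            "rhost": rhost, "rport": rport, "state": state, "proc": proc}

def is_internal(addr):
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:          # wildcard such as "*" on a listening socket
        return True
    return any(ip in net for net in INTERNAL_NETS)

def detect_shell_payloads(lines, baseline=BASELINE_LISTENERS):
    """Flag a bind shell (unexpected listener) or a reverse shell (shell process
    holding an outbound connection to an external address)."""
    alerts = []
    for line in lines:
        c = parse_connection(line)
        if c["state"] == "LISTEN" and c["lport"] not in baseline:
            alerts.append(("bind-shell-candidate", c["lport"], c["proc"]))
        elif (c["state"] == "ESTABLISHED" and not is_internal(c["rhost"])
              and c["proc"] in SHELL_PROCESSES):
            alerts.append(("reverse-shell-candidate", f'{c["rhost"]}:{c["rport"]}', c["proc"]))
    return alerts
```

The reverse-shell record uses remote port 443, which is why the rule keys on the owning process rather than on the port: to a flow log alone it looks like ordinary HTTPS.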

Key Points
Vulnerability scanners
  Automatically scan the network to find vulnerabilities based on a vulnerability database.
  Results are only as good as the vulnerability database.
  Human attackers are better than scanners, so a clean scan doesn't indicate perfect security.
Exploitation frameworks
  Verify vulnerability scanner results.
  Assist in penetration testing.

References
David Kennedy et al., Metasploit: The Penetration Tester's Guide, No Starch Press, 2011.