Karlstad University Introduction to Vulnerability Assessment Labs Ge Zhang Dvg-C03.

Presentation transcript:


Schedule
3 attacking methods
  – Password cracking
  – ARP spoofing & sniffing
  – Port scanning
1 defense method
  – Firewall configuration
2 vulnerability assessment tools
  – Nessus
  – Bastille

Environment
3 VM images (c:\vmware\valab-ht11)

Password Cracking
Authentication:
  – Something you know
  – Something you have
  – Something you are
Passwords need to be transferred
Passwords need to be stored

Brute Force
Attempts all possible combinations of letters and numbers
Possible solutions
  – Limit the number of unsuccessful logins
  – Change the password often
  – The length should be at least 8 characters

Dictionary
A type of brute force
Only tries possibilities that are likely to succeed
Lists are derived from a dictionary
Possible solutions
  – Mix and match numbers, letters, upper and lower case
  – Avoid passwords based on dictionary words, letter or number sequences, usernames, or biographical information

John the Ripper
Traditionally the account information is stored in the /etc/passwd file
The /etc/passwd file is world-readable
The shadow password system stores passwords in the file /etc/shadow, which is not world-readable
Have a look at
  – /usr/share/doc/john /EXAMPLES
Then create your own account and password, and run "john" again to see the result
  useradd [your account]
  passwd [your account]
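Added example (not part of the original slides): a defender-side audit of the two files described above. It classifies the hash scheme stored for each account in shadow-format input and lists passwd entries that keep a password outside the shadow file. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the hash scheme of each account in shadow-format
# input (name:hash:...), and list passwd entries that bypass the shadow file.

# Constructed sample; the hash strings are placeholders, not real hashes.
sample_shadow() {
cat <<'EOF'
root:$6$constructedsalt$constructedhash:19000:0:99999:7:::
alice:$1$constructed$constructedhash:19000:0:99999:7:::
bob:CONSTRUCTED13:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
guest::19000:0:99999:7:::
EOF
}

# Reads shadow-format lines on stdin, prints "<account>: <verdict>".
audit_shadow() {
  awk -F: '
    {
      h = $2
      if (h == "")                            v = "EMPTY (no password required)"
      else if (h ~ /^[!*]/)                   v = "locked"
      else if (h ~ /^\$1\$/)                  v = "WEAK md5crypt"
      else if (h ~ /^\$2[abxy]?\$/)           v = "ok bcrypt"
      else if (h ~ /^\$5\$/)                  v = "ok sha256crypt"
      else if (h ~ /^\$6\$/)                  v = "ok sha512crypt"
      else if (h ~ /^\$y\$/)                  v = "ok yescrypt"
      else if (h !~ /\$/ && length(h) == 13)  v = "WEAK DES crypt"
      else                                    v = "unknown scheme"
      print $1 ": " v
    }'
}

# Reads passwd-format lines on stdin, prints accounts whose second field is
# not a shadow marker: the hash (or an empty password) is world-readable.
passwd_exposed() {
  awk -F: '$2 != "x" && $2 != "*" && $2 !~ /^!/ { print $1 }'
}

sample_shadow | audit_shadow
# On a real host (as root):  audit_shadow < /etc/shadow
#                            passwd_exposed < /etc/passwd
```

Accounts reported as WEAK or EMPTY are the ones a dictionary or brute-force run recovers first, so they are the ones to reset and re-hash.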

Sniffing
Hub: a hub simply receives incoming packets and broadcasts them out to all devices on the network
Adapter in promiscuous mode: the adapter receives all frames on the network, not just frames addressed to that adapter

Wireshark

Hub vs. switch
Hub: Layer 1 (physical)
Switch: Layer 2 (data-link)

ARP (Address Resolution Protocol)
MAC address (layer 2)
  – Globally unique
  – Unchangeable
IP address (layer 3)
  – Network unique
  – Changeable

ARP spoofing (cache poisoning) on a switch

Preparation
ipconfig /all
Let me know the last number of your IP address and MAC address
ping [IP address] -t

Cain

Port Scanning
Attackers wish to discover services they can break into.
Does the service exist? Send a packet to each port, one at a time.
  – Based on the type of response, an attacker knows if the port is used.
  – The used ports can be probed further for weakness.
Well-known: tcp 21, tcp 22, tcp 23, tcp 80 …

Nmap
-sT (scanning by TCP connections)
-sS (SYN scanning)
-sU (UDP scanning)
-sV (version detection)
-O (OS fingerprinting)
-T[0-5] (time interval)
-f (fragmenting)

Nmap
Zenmap: graphical interface

Firewall
A set of related programs that protects the resources of a private network or a host from the external environment.
A mechanism for filtering network packets based on information contained within the IP header.

IPtables
3 default chains
  – INPUT: used to control packets entering the interface. (The packets end at this machine.)
  – OUTPUT: used to control packets leaving the interface. (The packets originate from this machine.)
  – FORWARD: used to control packets being masqueraded, or sent to remote hosts.

IPtables
iptables command [match] [target]
Command: -A, -I, -D, -F, -L
Match: -p [protocol], -s [source IP], -d [destination IP], -i [interface], --sport [source port], --dport [destination port]
Target: -j [ACCEPT/DROP/LOG…]
Example:
  iptables -I INPUT -p icmp -j DROP
  iptables -I INPUT -p icmp --icmp-type 0 -j ACCEPT
Our task: restrict all inbound traffic, except SSH requests on port 22. However, any outgoing requests should not be affected.
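Added example (not part of the original slides): one ruleset that meets the task above, written in iptables-restore format, with a small lint that shows why a DROP policy plus an SSH rule alone is not enough. The loopback rule, the conntrack rules and the FORWARD policy are assumptions added here; the function names are hypothetical and the lint is a heuristic text check, not a packet simulation.

```shell
#!/bin/sh
# Added example: the lab task as an iptables-restore ruleset, plus a lint.
# Apply as root with:  ssh_only_rules | iptables-restore

ssh_only_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Naive variant: no ESTABLISHED,RELATED rule. Replies to this host's own
# outgoing connections then fall through to the INPUT DROP policy.
naive_rules() { ssh_only_rules | grep -v ESTABLISHED; }

# Lints an iptables-restore ruleset on stdin against the task. Prints one
# line per problem and nothing when the ruleset passes.
check_rules() {
  awk '
    /^:INPUT DROP/    { drop = 1 }
    /^:OUTPUT ACCEPT/ { out = 1 }
    /^-A INPUT / && /-j ACCEPT/ {
      if (/--ctstate [A-Z,]*ESTABLISHED/) est = 1
      else if (/-p tcp/ && /--dport 22( |$)/) ssh = 1
      else if (/-i lo( |$)/) lo = 1
      else extra = extra "\n  " $0
    }
    END {
      if (!drop) print "INPUT policy is not DROP: unmatched inbound traffic gets in"
      if (!out)  print "OUTPUT policy is not ACCEPT: outgoing requests are affected"
      if (!est)  print "no ESTABLISHED,RELATED rule: replies to outgoing requests are dropped"
      if (!ssh)  print "no rule accepting tcp --dport 22"
      if (!lo)   print "no loopback rule: local services talking over lo break"
      if (extra != "") print "unexpected inbound ACCEPT rules:" extra
    }'
}

naive_rules | check_rules
```

iptables only filters IPv4; a host with IPv6 enabled needs the same rules loaded through ip6tables-restore.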

Nessus
Remote vulnerability scanner
Nessus will
  – Perform over 900 security checks
  – Accept new plugins to expand new checks
  – List security concerns and recommend actions to correct them

Nessus
Client/server architecture
  – Server: performs the checking
  – Client: front end
Can test an unlimited number of hosts in each scan

Nessus

Bastille
Operating system hardening
  – Remove unnecessary processes
  – Set file permissions
  – Patch and update
  – Set networking access controls
Generate your own hardening policy
Can be run manually to provide advice and information

Bastille
Assessment mode: bastille -a

Bastille
Configuration mode: bastille -x