© Crown Copyright (2000) Module 2.7 Penetration Testing
You Are Here M2.1 Requirements M2.2 Development Representations M2.3 Functional Testing M2.4 Development Environment M2.5 Operational Environment M2.6 Vulnerability Analysis M2.7 Penetration Testing M2.8 Assurance Maintenance/Composition MODULE 2 - ASSURANCE
What is Penetration Testing? Based on Vulnerability Analysis –A search for vulnerabilities in the TOE or its intended operation –Analysis of their impact Tests formulated and run Exploitability of vulnerabilities determined
Where do the tests come from? Vulnerability Analysis Penetration Testing Design Analysis Functional Testing Operational Assessment
Types of Testing Positive –covered under functional testing Negative or destructive Compound testing –testing more than one aspect of functionality at once
Planning Should have most of the ideas before you start testing (on-site or in the CLEF) Formal test scripts may help Agree work split before you go Agree how tests will be documented
Be considerate to the developer Live system testing –save destructive tests for out-of-hours Their baby –be sensitive to their feelings ! –especially if on site Restore the TOE to a clean state
Additional Tests Inspiration during Penetration testing Know when to stop Record Test Activity and Progress
ITSEC and CC Requirements ITSEC –Requirement to Perform Penetration Testing for all assurance levels E1 - E6. CC –Requirement to perform Penetration Testing for assurance levels EAL2 - EAL7.
Typical Penetration Testing Form
Evaluation Reporting Tests Run Test Results Anomalies Conclusions
Summary Goal of Penetration Testing Refinement of Ideas from Vulnerability Analysis Plan Carefully Record Everything relevant for repeatability
Further Reading ITSEC Evaluation UKSP 05 Part III Chapter 3 CC Evaluation CC Part 3, Section 14 CEM Part 2, Chapters 6 to 8 (AVA sections)
Exercise - Penetration Tests System –User accessing command line shell from application –Administrator performing a privileged function without the action being audited Product –Boot up PC using floppy drive and access encrypted data –Recover a deleted file