Module 5 – Vulnerability Identification  Phase II  Controls Assessment  Scheduling ○ Information Gathering ○ Network Mapping ○ Vulnerability Identification.

Presentation transcript:

Module 5 – Vulnerability Identification
• Phase II
• Controls Assessment
• Scheduling
  ○ Information Gathering
  ○ Network Mapping
  ○ Vulnerability Identification
  ○ Penetration
  ○ Gaining Access & Privilege Escalation
  ○ Enumerating Further
  ○ Compromise Remote Users/Sites
  ○ Maintaining Access
  ○ Cover the Tracks
Heorot.net

Vulnerability Identification
• Purpose behind Vulnerability Identification
    “... find flaws within the network, servers, services and other attached information resources.”

Vulnerability Identification
• Identify vulnerable services using service banners
• Perform vulnerability scan to search for known vulnerabilities
• Perform false positive and false negative
• Enumerate discovered vulnerabilities
• Estimate probable impact (classify vulnerabilities found)
• Identify attack paths and scenarios for exploitation

Identify Vulnerable Services Using Service Banners

Identify Vulnerable Services Using Service Banners Apache Demonstration

Perform Vulnerability Scan
• *Tools:
    Nessus
    Sara
    Internet Scanner
    Retina Network Security Scanner
    Netrecon
    Core IMPACT
*None of these tools are found on the BackTrack Disk

Perform Vulnerability Scan
• Advantage of Vulnerability Scanners:
    “Click-and-Go”
    Basic knowledge of IT and Security
    Powerful
    Up-to-date
• Disadvantage of Vulnerability Scanners:
    “Click-and-Go”
    Basic knowledge of IT and Security

Perform False Positive and False Negative
“False positives refer to non-issues that were incorrectly detected. Accordingly, false negatives refer to existent issues that were not detected during an assessment. In every assessment there is always the risk of any of these being present.”

Enumerate Discovered Vulnerabilities
• Identified Vulnerability
    Apache/ (UNIX) PHP/5.1.2
• Tools:
    Web Sites:
      ○ Milw0rm.org
      ○ Securityfocus.com
      ○ Cert.org
      ○ Packetstormsecurity.com
      ○ National Vulnerability Database
    Metasploit
    Vulnerability Scanners

Enumerate Discovered Vulnerabilities Apache / milw0rm Demonstration

Estimate Probable Impact
• High Risk Vulnerability
  ○ “...immediate threat of high and adverse impact on the business critical processes of the target organization”
• Medium Risk Vulnerability
  ○ “...threat of high and adverse impact to non-critical systems in terms of business.”
  ○ “...no immediate threat nor a big impact and the vulnerability affects critical business systems.”
• Low Risk Vulnerability
  ○ “...the technical and business impact is low.”
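The steps from the last few slides (banner identification, false positive/negative handling, impact classification) can be tied together in a short triage script. This is an added example, not part of the original presentation; the advisory IDs and "first fixed" versions are constructed placeholders, and the handling of combinations the impact slide does not name is an assumption.

```python
import re

# "product/version" tokens; the version may be missing, as in the slide's
# "Apache/ (UNIX) PHP/5.1.2" banner, where the Apache number did not survive.
TOKEN = re.compile(r"([A-Za-z][\w.-]*)/(\d[\w.]*)?")

# CONSTRUCTED placeholder data, not real advisories:
# product -> (advisory id, first fixed version)
ADVISORIES = {"php": ("EXAMPLE-0001", "5.2.0"),
              "apache": ("EXAMPLE-0002", "2.2.0")}

def parse_banner(banner):
    """Map each product in a Server-style banner to its version (or None)."""
    return {name.lower(): ver or None for name, ver in TOKEN.findall(banner)}

def version_key(version):
    """Compare versions numerically, so that 5.10 sorts after 5.9."""
    return tuple(int(n) for n in re.findall(r"\d+", version))

def triage(banner, advisories, confirmed=()):
    """Turn a banner into findings that still need verification.

    A banner match is only a candidate: vendors may backport fixes without
    changing the version string (false positive), and a hidden or missing
    version cannot be judged at all (possible false negative).
    """
    rows = []
    for product, version in parse_banner(banner).items():
        if product not in advisories:
            continue
        adv_id, fixed = advisories[product]
        if version is None:
            status = "unknown version (possible false negative)"
        elif version_key(version) >= version_key(fixed):
            continue  # at or above the fixed version: nothing to report
        elif adv_id in confirmed:
            status = "confirmed"
        else:
            status = "candidate (possible false positive)"
        rows.append((product, version, adv_id, status))
    return rows

def risk_level(high_impact, business_critical, immediate=True):
    """Risk wording from the 'Estimate Probable Impact' slide.

    Assumption: combinations the slide does not name are rated Medium.
    """
    if high_impact and business_critical and immediate:
        return "High"
    if high_impact or business_critical:
        return "Medium"
    return "Low"
```
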

Identify Attack Paths and Scenarios for Exploitation
• Game plan on how to attack the system
• List of vulnerabilities
    Threat Level based on Impact to business goals
• Measures to mitigate vulnerabilities
• Stopping point
    About to move away from “Blue Team” and move into “Red Team”

Hands-On Exercise Identify Live Hosts
• Tools: The Internet List of Services ○ Version Information Operating System ○ Version Information
• Find known Vulnerabilities Bugtraq ○ National Vulnerability Database ○
• Find Potential Exploits: milw0rm.org (that’s a “zero”), Securityfocus.com, Cert.org, Packetstormsecurity.com

Module 5 – Conclusion
• Phase II
• Controls Assessment
• Scheduling
  ○ Information Gathering
  ○ Network Mapping
  ○ Vulnerability Identification
      Identify vulnerable services using service banners
      Perform vulnerability scan
      Perform false positive and false negative
      Enumerate discovered vulnerabilities
      Estimate probable impact
      Identify attack paths and scenarios for exploitation