Presentation is loading. Please wait.

Presentation is loading. Please wait.

Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.

Published byMarvin Francis Modified over 8 years ago

Similar presentations

Presentation on theme: "Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing."— Presentation transcript:

1 Penetration Testing Edmund Whitehead Rayce West

2 Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing Viewpoints - Phases of Penetration Testing - Reconnaissance and Information Gathering - Network Enumeration and Scanning - Vulnerability Testing and Exploitation - Reporting - How to become a Penetration Tester

3 Penetration Testing Definition of Penetration Testing: - A penetration test or pentest is a test evaluating the strengths of all security controls on the computer system. Penetration tests evaluate procedural and operational controls as well as technological controls.

4 Who needs Penetration Testing - Banks/Financial Institutions, Government Organizations, Online Vendors, or any organization processing and storing private information - Most certifications require or recommend that penetration tests be performed on a regular basis to ensure the security of the system. - PCI Data Security Standard's Section 11.3 requires organizations to perform application and penetration tests at least once a year. - HIPAA Security Rule's section 8 of the Administrative Safeguards requires security process audits, periodic vulnerability analysis and penetration testing.

5 Penetration Testing Viewpoints -External vs. Internal Penetration Testing can be performed from the viewpoint of an external attacker or a malicious employee. - Overt vs. Covert Penetration Testing can be performed with or without the knowledge of the IT department of the company being tested.

6 Phases of Penetration Testing - Reconnaissance and Information Gathering - Network Enumeration and Scanning - Vulnerability Testing and Exploitation - Reporting

7 Reconnaissance and Information Gathering Purpose: To discover as much information about a target (individual or organization) as possible without actually making network contact with said target. Methods: Organization info discovery via WHOIS Google search Website browsing

8 WHOIS Results for www.clemson.edu Domain Name: CLEMSON.EDU Registrant: Clemson University 340 Computer Ct Anderson, SC 29625 UNITED STATES Administrative Contact: Network Operations Center Clemson University 340 Computer Court Anderson, SC 29625 UNITED STATES (864) 656-4634 noc@clemson.edu Technical Contact: Mike S. Marshall DNS Admin Clemson University 340 Computer Court Anderson, SC 29625 UNITED STATES (864) 247-5381 hubcap@clemson.edu Name Servers: EXTNS1.CLEMSON.EDU 130.127.255.252 EXTNS2.CLEMSON.EDU 130.127.255.253 EXTNS3.CLEMSON.EDU 192.42.3.5

9 Network Enumeration and Scanning Purpose: To discover existing networks owned by a target as well as live hosts and services running on those hosts. Methods: Scanning programs that identify live hosts, open ports, services, and other info (Nmap, autoscan) DNS Querying Route analysis (traceroute)

10 NMap Results nmap -sS 127.0.0.1 1 2 3 Starting Nmap 4.01 at 2006-07-06 17:23 BST 4 Interesting ports on chaos (127.0.0.1): 5 (The 1668 ports scanned but not shown below are in state: closed) 6 PORT STATE SERVICE 7 21/tcp open ftp 8 22/tcp open ssh 9 631/tcp open ipp 10 6000/tcp open X11 11 12 Nmap finished: 1 IP address (1 host up) scanned in 0.207 13 seconds

11 Vulnerability Testing and Exploitation Purpose: To check hosts for known vulnerabilities and to see if they are exploitable, as well as to assess the potential severity of said vulnerabilities. Methods: Remote vulnerability scanning (Nessus, OpenVAS) Active exploitation testing o Login checking and bruteforcing o Vulnerability exploitation (Metasploit, Core Impact) o 0day and exploit discovery (Fuzzing, program analysis) o Post exploitation techniques to assess severity (permission levels, backdoors, rootkits, etc)

12 Reporting Purpose: To organize and document information found during the reconnaissance, network scanning, and vulnerability testing phases of a pentest. Methods: Documentation tools (Dradis) o Organizes information by hosts, services, identified hazards and risks, recommendations to fix problems

13 How to Become a Penetration Tester - Stay up to date on recent developments in computer security, reading newsletters and security reports are a good way to do this. - Becoming proficient with C/C++ and a scripting language such as PEARL - Microsoft, Cisco, and Novell certifications - Penetration Testing Certifications - Certified Ethical Hacker (CEH) -GIAC Certified Penetration Tester (GPEN)

14 Conclusion Questions?

Download ppt "Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing."

Similar presentations

ETHICAL HACKING.

ETHICAL HACKING.
Assessments, Audits, and Penetration Tests, Oh My Ira Winkler, CISSP +1-410-544-3435.

Assessments, Audits, and Penetration Tests, Oh My Ira Winkler, CISSP
Part 2 Penetration Testing. Review 2-minute exercise: RECON ONLY Find 3x IP addresses at the U.S. Merchant Marine Academy Google: “U.S. Merchant Marine.

Part 2 Penetration Testing. Review 2-minute exercise: RECON ONLY Find 3x IP addresses at the U.S. Merchant Marine Academy Google: “U.S. Merchant Marine.
I NDULGENC E There is no need for oversight or management direction. All staff members are superstars and act in the best interest of the company.

I NDULGENC E There is no need for oversight or management direction. All staff members are superstars and act in the best interest of the company.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Hands-On Ethical Hacking and Network Defense

Hands-On Ethical Hacking and Network Defense
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
Network Security Testing Techniques Presented By:- Sachin Vador.

Network Security Testing Techniques Presented By:- Sachin Vador.
January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS 4600 - © Abdou Illia.

January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS © Abdou Illia.
Reconnaissance Steps. EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms.

Reconnaissance Steps. EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.
1 GFI LANguard Network Security Scanner. 2 Contents Introduction Features Source & Installation Testing environment Results Conclusion.

1 GFI LANguard Network Security Scanner. 2 Contents Introduction Features Source & Installation Testing environment Results Conclusion.
Network Security With nmap By *** *****. Installing nmap netlab-2# cd /usr/ports/security/nmap netlab-2# make install all.

Network Security With nmap By *** *****. Installing nmap netlab-2# cd /usr/ports/security/nmap netlab-2# make install all.
Firewall Auditing Sean K. Lowder CISSP / MCSE / CCNA

Firewall Auditing Sean K. Lowder CISSP / MCSE / CCNA
Penetration Testing.

Penetration Testing.
Mapping The Penetration Tester’s Mind 0 to Root in 60 Min #MappingThePenTestersMind 1.

Mapping The Penetration Tester’s Mind 0 to Root in 60 Min #MappingThePenTestersMind 1.
Sam Cook April 18, 2013. Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.

Sam Cook April 18, Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.
Performing a Penetration Test.  Penetration Tester  Attempts to reveal potential consequences of a real attack  Security Audit / Vulnerability Assessment.

Performing a Penetration Test.  Penetration Tester  Attempts to reveal potential consequences of a real attack  Security Audit / Vulnerability Assessment.

Similar presentations

Ads by Google