Assessing a Target System Source: Chapter 3 Computer Security Fundamentals Chuck Easttom Prentice Hall, 2006.


1 Assessing a Target System Source: Chapter 3 Computer Security Fundamentals Chuck Easttom Prentice Hall, 2006

2 Objectives
- Conduct basic system reconnaissance
- Use port scanners
- Derive useful information about a Web site
- Locate useful information from newsgroup postings
- Use vulnerability scanners
- Use port monitoring utilities

3 Introduction
- Hacker's goals
  - Footprint a system
    - Examining a potential target system
  - Compromise a target
  - Gain access to that system
- Your goals
  - Understanding system auditing
    - Examining your own system
  - Understanding how hackers gain access
  - Understanding hacker's tools

4 Basic Reconnaissance
- Windows tools for reconnaissance
  - Nslookup (name server lookup)
  - Whois (www.internic.net/whois.htm)
  - ARIN (en.wikipedia.org/wiki/ARIN)
  - Web-based tools
  - Target Web site
  - Social engineering

5 Basic Reconnaissance (cont.)
- Netcraft is an online utility that tells
  - What Web server software a site is running
  - What operating system it is using
  - Other important information
- www.netcraft.com
  - Go to "What's that site running?"
  - Type in www.vtc.edu.hk
  - Press Enter

6 Basic Reconnaissance (cont.)
- Tracing IP address
  - Map all addresses between a system and a target
    - Trace route www.internic.net
    - VisualRoute
  - www.visualware.com

7 Basic Reconnaissance (cont.)
- Use this information
  - "Google" names found in your search
  - "Google" e-mail addresses of the administrators, using Google groups

8 Basic Reconnaissance (cont.)
- Social Engineering
  - Getting information in a non-technical manner
    - "Dumpster diving"
    - Dupe employees into compromising security

9 Scanning
- Use information gathered by research and social engineering
- Scan target for information that reveals vulnerabilities

10 Scanning (cont.)
- Nmap – Unix or Windows
- Hping2 – Unix
- Netcat – Cross-platform
- Ping – Cross-platform
- Traceroute – Cross-platform

11 Scanning (cont.)
- Nmap
  - ICMP echo request packets
  - SYN scanning
  - Version scanning
  - RPC scans (http://en.wikipedia.org/wiki/Remote_procedure_call)
  - OS fingerprinting capabilities
- http://insecure.org/nmap/

12 Scanning (cont.)
- Port and network scanning
  - Identify which ports are open
  - Port numbers identify services
  - These ports should be closed:
    - Unnecessary services
    - Vulnerable services

13 Scanning (cont.)
- Ports
  - www.networksorcery.com/enp/protocol/ip/ports00000.htm
  - www.iana.org/assignments/port-numbers
  - www.techadvice.com/tech/T/TCP_well_known_ports.htm

14 Scanning (cont.)
- NetBrute
  - www.rawlogic.com/netbrute/
  - Scans a range of IP addresses
  - For network administrators testing their own networks
  - Targets one IP
  - Locates open ports
  - Locates all shared drives
  - Identifies O/S and Web server software

15 Scanning (cont.)
- Cerberus
  - Various download locations
  - Checks for a variety of services
  - Generates an HTML report
  - Identifies security flaws in the registry, other areas

16 Scanning (cont.)
- SATAN
  - Security Administrator Tool for Analyzing Networks
  - Unix
  - www.fish.com/satan/mirrors.html

17 Scanning (cont.)
- Vulnerability Scanning
  - http://netsecurity.about.com/cs/hackertools/a/aa030404.htm
  - SAINT
    - Prioritizes results
    - Fast assessment
    - Configurable for increased efficiency
  - Nessus
    - Up to date and easy to use
    - Updateable plug-ins
    - Detailed reports

18 Port Monitoring and Managing
- A deeper layer of information gathering
  - Netstat
  - Netstat Live (http://www.analogx.com/contents/download/network/nsl.htm)
  - Active Ports
  - Fport
  - TCPView
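
Added example, not part of the original slides: a small Python audit that parses `netstat -an` output from your own host and reports listeners that are missing from an expected baseline, marking each as loopback-only or network-reachable. The sample output and the ALLOWED baseline are constructed for illustration; the parser accepts the Windows layout shown and the Linux net-tools layout.

```python
import ipaddress

# Constructed sample of `netstat -an` output (Windows layout), not from a real host.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5432         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:49712     203.0.113.5:443        ESTABLISHED
  TCP    [::]:80                [::]:0                 LISTENING
  UDP    0.0.0.0:161            *:*
"""
# Assumed baseline: (protocol, port) pairs this host is expected to have open.
ALLOWED = {("tcp", 135), ("tcp", 445), ("tcp", 5432)}

def listeners(netstat_text):
    """Return sorted (proto, address, port) tuples for listening or bound sockets."""
    found = set()
    for line in netstat_text.splitlines():
        tokens = line.split()
        if len(tokens) < 3 or not tokens[0].lower().startswith(("tcp", "udp")):
            continue  # banner, column header or blank line
        proto, state = tokens[0].lower()[:3], tokens[-1].upper()
        if proto == "tcp" and state not in ("LISTENING", "LISTEN"):
            continue  # an active connection, not a listener
        if proto == "udp" and state == "ESTABLISHED":
            continue  # connected UDP socket (Linux layout)
        # The local address is the first addr:port token after the protocol.
        local = next((t for t in tokens[1:] if ":" in t), "")
        addr, _, port = local.rpartition(":")
        if port.isdigit():
            found.add((proto, addr.strip("[]"), int(port)))
    return sorted(found)

def is_loopback(addr):
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # unparsable address: assume it is reachable

def audit(netstat_text, allowed=ALLOWED):
    """Report listeners missing from the baseline as (proto, port, addr, scope)."""
    return [(proto, port, addr, "local-only" if is_loopback(addr) else "network-reachable")
            for proto, addr, port in listeners(netstat_text)
            if (proto, port) not in allowed]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("unexpected listener:", finding)
```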

19 In-Depth Searches
- Take investigation to a deeper level
  - Search engines
  - Newsgroups
- Information can be used for good or bad purposes

20 Summary
- Information
  - The more information you have about the vulnerabilities and weaknesses of your system, the better prepared you are to defend it.
  - The more information the hacker has about your system's vulnerabilities and weaknesses, the sooner it will be violated.
  - The tools in this chapter are for the network and security administrator and are to be used for legal, not illegal, purposes.

