© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners.




           Information Security Group (ISG)
           Network Penetration Testing

           reachus@imaginea.com

      Network Penetration Testing
     Overview

             Modern ways of working with networks and of connecting with third parties have
             left many firms exposed to malicious attacks, with vulnerable areas that they
             are not even aware of yet.
             Network penetration testing uncovers network weaknesses before a malicious
             hacker does.
             Network penetration testing includes testing from an external network and from an
             internal network.

      Hacker targets in a typical network infrastructure

      [Diagram with User and Hacker icons; the components shown and the weaknesses listed against each:]

             Component (unlabelled in the diagram text)
                          • Open Ports/Services
                          • Packet Sniffing
                          • Router Vulnerabilities exploits
                          • ARP spoofing, Cryptography
                          • Denial of Service
                          • Hardware, Firmware, Software specific vulnerabilities

             Switch
                          • Open Ports and Services, OS fingerprinting
                          • Liberal Access Control Lists (ACL)
                          • Denial of Service
                          • Hardware, Firmware, Software specific vulnerabilities

             Web Server, App Server
                          • Open Ports and Services
                          • Authentication, Authorization issues, Cryptography
                          • Remote code execution, File Upload, XSS
                          • Server misconfiguration exploits
                          • Denial of Service
                          • Hardware, Firmware, Software specific vulnerabilities

             DB Server
                          • Open Ports and Services
                          • Authentication, Authorization issues, Cryptography
                          • Buffer Overflows
                          • Denial of Service
                          • DBMS misconfiguration exploits
                          • Hardware, Firmware, Software specific vulnerabilities

      Penetration Testing Methodology


          Step 1             • Information Gathering
          Step 2             • Analysis and Planning
          Step 3             • Vulnerability Identification
          Step 4             • Exploitation
          Step 5             • Risk Analysis and Remediation Suggestion
          Step 6             • Reporting

      Information Gathering Template

      Information Required (each item has a matching "Data" field):
             • Organization Name
             • Network diagram with details of the major network components
               (router, gateway, firewall, servers, user machines) and their communication paths
             • Specify timings in which testing can be performed
               Note: Network penetration testing could increase network traffic considerably
             • Specify timings for testing Denial of Service attacks and other applicable attacks
               Note: DOS attacks could increase network traffic significantly and may bring the
               network down
             • Specify if there are any restrictions on testing some critical systems in the network
             • Provide access to one of the internal IPs in the organization

      Scope of the Test: Specify all IP addresses of the systems to be tested from external and
      internal networks.

             Target machine IP address                          Purpose of the machine
             (specify whether the IP address is accessible      (Router, Gateway, server etc.)
             to the public network or limited to the
             organization's internal network)
             (Eg: 196.0.0.1, Public IP)                         (Eg: Router)
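
A pre-flight check built from the template fields above, as an added example that is not part of the original deck: before a test runs, it confirms that the target is in scope, is not a restricted critical system, and that the time falls inside the agreed window, with Denial of Service tests held to their own window. The engagement values, function names and reason codes are constructed for illustration.

```python
from datetime import datetime, time
from ipaddress import ip_address, ip_network

# Constructed engagement record mirroring the template fields (all values are samples).
ENGAGEMENT = {
    # "Scope of the Test": systems to be tested from external and internal networks
    "scope": [ip_network("192.0.2.0/28"), ip_network("10.20.0.0/24")],
    # "restrictions on testing some critical systems in the network"
    "restricted": {ip_address("10.20.0.5")},
    # Agreed testing windows as (start, end) local times; DoS testing has its own window
    "windows": {
        "standard": (time(20, 0), time(6, 0)),  # wraps past midnight
        "dos": (time(1, 0), time(3, 0)),
    },
}


def in_window(start, end, moment):
    """True if moment lies in [start, end), including windows that wrap midnight."""
    if start <= end:
        return start <= moment < end
    return moment >= start or moment < end


def check_test(engagement, target, when, test_type="standard"):
    """Return (allowed, reason) for running test_type against target at `when`."""
    try:
        addr = ip_address(target)
    except ValueError:
        return False, "invalid_target"
    # Anything the client did not list in the scope table is refused outright.
    if not any(addr in net for net in engagement["scope"]):
        return False, "out_of_scope"
    # In-scope networks can still contain systems the client excluded.
    if addr in engagement["restricted"]:
        return False, "restricted_host"
    window = engagement["windows"].get(test_type)
    if window is None:
        return False, "unknown_test_type"
    if not in_window(window[0], window[1], when.time()):
        return False, "outside_window"
    return True, "ok"


if __name__ == "__main__":
    samples = [
        ("192.0.2.5", datetime(2011, 6, 1, 22, 30), "standard"),
        ("192.0.2.5", datetime(2011, 6, 1, 22, 30), "dos"),
        ("10.20.0.5", datetime(2011, 6, 1, 22, 30), "standard"),
        ("198.51.100.7", datetime(2011, 6, 1, 22, 30), "standard"),
    ]
    for target, when, kind in samples:
        print(target, when.isoformat(), kind, check_test(ENGAGEMENT, target, when, kind))
```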

      Analysis and Planning
     Analysis
             Verification of given information
             Client communication for clarifications (if any)
             Understanding the network topology and communication mechanisms
             Identification of critical network components and corresponding vulnerabilities to be
             tested


     Planning
             Test modularization based on target machines or vulnerability focus areas
             Plan for external and internal network testing
             Plan for manual security testing phase
             Plan for automation testing phase
             Plan for exploitation phase
             Plan for risk analysis and reporting phases
             Time estimates for each of the phases

      Vulnerability Identification
     Focus Areas
             Open ports and services

             OS fingerprinting

             Authentication
                          Authentication Bypass
                          Weak passwords
                          Default usernames/passwords enabled
                          Plain text passwords stored in database/files

             Authorization
                          Privilege Escalation
                          Gaining Access

             Packet Sniffing

             Input Validation
                          Cross Site Scripting
                          Buffer Overflow
                          File Upload
                          Remote Command Execution

             Cryptography
                          Weak Encryption
                          Weak Key
                          WEP key used for wireless encryption

             ARP Spoofing

      Vulnerability Identification
     Focus Areas
             Information Leakage
                          Sensitive Data Revealed

             Denial of Service
                          SYN flood
                          UDP flood
                          ICMP flood
                          Ping to Death
                          Distributed Denial of Service

             System Configuration
                          Unpatched software and resulting vulnerabilities
                          Liberal Access Control Lists
                          Published vulnerabilities specific to OS/Software/Service

             ARP Spoofing


              Note: This is not an exhaustive list of vulnerabilities. More vulnerabilities will be
                    added to the list based on the technology/requirement/latest threats.

      Vulnerability Identification
     Vulnerability Testing Phases
             Automatic scanning of target machines using tools and analysis of the results for
             false positives
                        Port and Services scanning
                        OS fingerprinting
                        Vulnerability Scanning
                        Password cracking/ brute force


             Exhaustive manual penetration testing of each target machine and vulnerability
             focus areas
                        Packet sniffing
                        Cryptography issues
                        Published vulnerabilities specific to the target machine/OS/Software/Service
                        Default usernames/passwords enabled


             Identification of the list of network vulnerabilities from the manual and automated
             testing results

      Vulnerability Identification
     Tools
             Backtrack5, an open source Linux-based OS that contains a penetration testing
             toolkit, will be used for network penetration testing.
             Open source Perl scripts will be used for DOS attacks.
             Common toolkits:

                 Tool                                          Purpose
                 Nmap                                          Port scanning, OS fingerprinting
                 Nessus, Nsauditor                             Network vulnerability scanner
                 Cain and Abel, John the Ripper, THC Hydra     Password cracking tools
                 ADMSnmp                                       To check default community strings
                 IKE-Scan                                      To detect VPN server and version
                 SMTPScan                                      To obtain SMTP server and version

                 Note: More tools will be added to the list based on the technology,
                       need or latest advancements.

      Exploitation
             Attacks will be performed on application machines without causing much damage to the
             application resources and infrastructure. This phase is required in network penetration
             testing to identify certain vulnerabilities in the target machines, such as:

                        Denial of Service
                        Escalation of privileges
                        Gaining access
                        Man In The Middle (MITM) network traffic
                        ARP spoofing
                        WEP cracking
                        Published exploit scripts specific to OS/Software/Service


              Note: This is not an exhaustive list of vulnerabilities. More vulnerabilities will be
                    added to the list based on the requirement.

      Exploitation
     Exploitation Toolkits
               Tool                                    Purpose
               UDP Flood                               Denial of Service attack using UDP packet flood
               SYN Flood                               Denial of Service attack using SYN packet flood
               Ping to Death                           Denial of Service
               Smurf6                                  Denial of Service using ICMP packet flood in
                                                       broadcast network
               Cisco Global Exploiter                  Exploit published Cisco vulnerabilities
               Metasploit Framework, Core Impact       Exploitation tool
               Wireshark                               Network packet sniffing
               Aircrack-ng, Airodump-ng, Airmon-ng,    Wireless packet sniffing
               Aireplay-ng                             WEP key cracking
                                                       De-authentication of a client
                                                       Denial of service attacks
               ARPSpoof                                ARP spoofing

              Note: This is not an exhaustive list of vulnerabilities. More vulnerabilities will be
                    added to the list based on the requirement.

      Risk Analysis and Remediation Suggestion
     Risk Analysis
             Estimation of the Likelihood of attack
             Estimation of the Impact of a successful attack
             Evaluate overall RISK of the vulnerability
                                 Risk = Likelihood * Impact


             OWASP Risk Rating Methodology is used as a guidance.
             Ref: https://www.owasp.org/index.php/OWASP_Risk_Rating_Methodology


     Remediation Suggestion
             Remediation measures will be suggested for each vulnerability identified. Priority for
             remediation will be suggested based on the risk rating of the vulnerability
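
The rating step worked through in code, as an added example that is not part of the original deck: each finding is scored on the 0-9 factors of the OWASP Risk Rating Methodology, likelihood and impact are averaged and bucketed into LOW/MEDIUM/HIGH, and the two levels are combined with OWASP's severity matrix. Findings are then ordered for remediation, using the slide's Likelihood * Impact product as a tie-breaker (a choice made for this example); the finding scores are constructed samples.

```python
# Factor names follow the OWASP Risk Rating Methodology; each is scored 0-9.
LIKELIHOOD_FACTORS = (
    "skill_level", "motive", "opportunity", "size",        # threat agent factors
    "ease_of_discovery", "ease_of_exploit", "awareness",   # vulnerability factors
    "intrusion_detection",
)
TECHNICAL_IMPACT = ("confidentiality", "integrity", "availability", "accountability")
BUSINESS_IMPACT = ("financial", "reputation", "non_compliance", "privacy")

# Overall severity matrix, keyed by (likelihood level, impact level).
SEVERITY = {
    ("LOW", "LOW"): "Note",    ("MEDIUM", "LOW"): "Low",       ("HIGH", "LOW"): "Medium",
    ("LOW", "MEDIUM"): "Low",  ("MEDIUM", "MEDIUM"): "Medium", ("HIGH", "MEDIUM"): "High",
    ("LOW", "HIGH"): "Medium", ("MEDIUM", "HIGH"): "High",     ("HIGH", "HIGH"): "Critical",
}
SEVERITY_RANK = ["Note", "Low", "Medium", "High", "Critical"]


def average(scores, names):
    """Average the named factors, rejecting missing or out-of-range scores."""
    missing = [n for n in names if n not in scores]
    if missing:
        raise ValueError(f"missing factors: {missing}")
    values = [scores[n] for n in names]
    if any(not 0 <= v <= 9 for v in values):
        raise ValueError("factor scores must be between 0 and 9")
    return sum(values) / len(values)


def level(score):
    """Bucket a 0-9 score: below 3 is LOW, below 6 is MEDIUM, otherwise HIGH."""
    if score < 3:
        return "LOW"
    return "MEDIUM" if score < 6 else "HIGH"


def rate(finding):
    """Return likelihood, impact, their product and the overall severity."""
    likelihood = average(finding["likelihood"], LIKELIHOOD_FACTORS)
    # Business impact, when the client can supply it, takes precedence over
    # technical impact; otherwise the technical estimate is used.
    if finding.get("business"):
        impact = average(finding["business"], BUSINESS_IMPACT)
    else:
        impact = average(finding["technical"], TECHNICAL_IMPACT)
    return {
        "name": finding["name"],
        "likelihood": likelihood,
        "impact": impact,
        "product": likelihood * impact,  # the slide's Risk = Likelihood * Impact
        "severity": SEVERITY[(level(likelihood), level(impact))],
    }


def prioritize(findings):
    """Order findings for remediation: severity first, then the numeric product."""
    rated = [rate(f) for f in findings]
    return sorted(rated, key=lambda r: (-SEVERITY_RANK.index(r["severity"]), -r["product"]))


def _scores(names, values):
    return dict(zip(names, values))


# Constructed sample findings; names are taken from the deck's focus areas.
FINDINGS = [
    {"name": "WEP key used for wireless encryption",
     "likelihood": _scores(LIKELIHOOD_FACTORS, (5, 4, 4, 6, 7, 5, 6, 3)),
     "technical": _scores(TECHNICAL_IMPACT, (7, 3, 1, 1)),
     "business": _scores(BUSINESS_IMPACT, (3, 4, 7, 6))},
    {"name": "Sensitive data revealed",
     "likelihood": _scores(LIKELIHOOD_FACTORS, (3, 1, 4, 2, 3, 1, 4, 2)),
     "technical": _scores(TECHNICAL_IMPACT, (2, 1, 1, 4))},
    {"name": "Default usernames/passwords enabled",
     "likelihood": _scores(LIKELIHOOD_FACTORS, (6, 9, 7, 9, 7, 9, 9, 8)),
     "technical": _scores(TECHNICAL_IMPACT, (7, 7, 5, 9))},
    {"name": "Liberal Access Control Lists",
     "likelihood": _scores(LIKELIHOOD_FACTORS, (6, 6, 6, 6, 6, 6, 6, 6)),
     "technical": _scores(TECHNICAL_IMPACT, (4, 4, 4, 4))},
]

if __name__ == "__main__":
    for r in prioritize(FINDINGS):
        print(f'{r["severity"]:<8} L={r["likelihood"]:.1f} I={r["impact"]:.1f} {r["name"]}')
```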

      Report Template

               Brief summary of the Network
               Brief description of the network includes critical components in the network, type of
               communication used, public IPs available etc.

               Network Security Summary report
               Brief description of the overall security status and the list of major security vulnerabilities
               identified.

               Vulnerability details for each identified vulnerability:
                Vulnerability Classification and Name
                Description of the vulnerability
                Vulnerability details
                Remediation Suggestions
                Vulnerability Risk Rating (Likelihood, Impact, Overall Risk)

           Security as a Service

           http://www.imaginea.com
           reachus@imaginea.com

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 

Network penetration testing

  • 1. Information Security Group (ISG): Network Penetration Testing
      reachus@imaginea.com
      © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners.
  • 2. Network Penetration Testing: Overview
      - The contemporary way of working with networks, as well as connecting with 3rd parties, has left a lot of firms exposed to malicious attacks and with vulnerable areas that they aren't even conscious of yet.
      - Network penetration testing uncovers network weaknesses before a malicious hacker does.
      - Network penetration testing includes testing from an external network and an internal network.
  • 3. Hacker targets in a typical network infrastructure
      [Network diagram; node labels: User, Hacker, Switch, Web Server, App Server, DB Server. The callouts on the diagram list the targets at each point:]
      - Open Ports/Services; Packet Sniffing; Router Vulnerabilities exploits; ARP spoofing; Cryptography; Denial of Service; Hardware, Firmware, Software specific vulnerabilities
      - Open Ports and Services; OS fingerprinting; Liberal Access Control Lists (ACL); Denial of Service; Hardware, Firmware, Software specific vulnerabilities
      - Open Ports and Services; Authentication, Authorization issues; Cryptography; Remote code execution; File Upload; XSS; Server misconfiguration exploits; Denial of Service; Hardware, Firmware, Software specific vulnerabilities
      - Open Ports and Services; Authentication, Authorization issues; Cryptography; Buffer Overflows; Denial of Service; DBMS misconfiguration exploits; Hardware, Firmware, Software specific vulnerabilities
  • 4. Penetration Testing Methodology
      - Step 1: Information Gathering
      - Step 2: Analysis and Planning
      - Step 3: Vulnerability Identification
      - Step 4: Exploitation
      - Step 5: Risk Analysis and Remediation Suggestion
      - Step 6: Reporting
  • 5. Information Gathering Template
      Table columns: Information Required | Data
      - Organization Name
      - Network diagram with details of the major network components (router, gateway, firewall, servers, user machines) and their communication paths
      - Specify timings in which testing can be performed. Note: Network penetration testing could increase network traffic considerably.
      - Specify timings for testing Denial of Service attacks and other applicable attacks. Note: DOS attacks could increase network traffic significantly and may bring the network down.
      - Specify if there are any restrictions on testing some critical systems in the network.
      - Provide access to one of the internal IPs in the organization.
      Scope of the Test: Specify all IP addresses of the systems to be tested from external and internal networks.
      Table columns: Target machine IP address (specify whether the IP address is accessible to public network or limited to organization's internal network) | Purpose of the machine (Router, Gateway, server etc)
      - (Eg: 196.0.0.1, Public IP) | (Eg: Router)
  • 6. Analysis and Planning
      Analysis
      - Verification of given information
      - Client communication for clarifications (if any)
      - Understanding the network topology and communication mechanisms
      - Identification of critical network components and corresponding vulnerabilities to be tested
      Planning
      - Test modularization based on target machines or vulnerability focus areas
      - Plan for external and internal network testing
      - Plan for manual security testing phase
      - Plan for automation testing phase
      - Plan for exploitation phase
      - Plan for risk analysis and reporting phases
      - Time estimates for each of the phases
  • 7. Vulnerability Identification: Focus Areas
      - Open ports and services
      - OS fingerprinting
      - Authentication: Authentication Bypass; Weak passwords; Default usernames/passwords enabled; Plain text passwords stored in database/files
      - Authorization: Privilege Escalation; Gaining Access
      - Input Validation: Cross Site Scripting; Buffer Overflow; File Upload; Remote Command Execution
      - Cryptography: Weak Encryption; Weak Key; WEP key used for wireless encryption
      - ARP Spoofing
      - Packet Sniffing
  • 8. Vulnerability Identification: Focus Areas (continued)
      - Information Leakage: Sensitive Data Revealed
      - System Configuration: Unpatched software and resulting vulnerabilities; Liberal Access Control Lists
      - Denial of Service: SYN flood; UDP flood; ICMP flood; ARP Spoofing; Ping to Death; Distributed Denial of Service
      - Published vulnerabilities specific to OS/Software/Service
      Note: This is not an exhaustive list of vulnerabilities. More vulnerabilities will be added to the list based on the technology/requirement/latest threats.
  • 9. Vulnerability Identification: Vulnerability Testing Phases
      - Automatic scanning of target machines using tools and analysis of the results for false positives:
          - Port and Services scanning
          - OS fingerprinting
          - Vulnerability Scanning
          - Password cracking/brute force
      - Exhaustive manual penetration testing of each target machine and vulnerability focus areas:
          - Packet sniffing
          - Cryptography issues
          - Published vulnerabilities specific to the target machine/OS/Software/Service
          - Default usernames/passwords enabled
      - Identification of list of network vulnerabilities from manual and automation testing results
  • 10. Vulnerability Identification: Tools
      - Backtrack5: an open source Linux-based OS that contains a penetration testing toolkit; it will be used for network penetration testing.
      - Open source Perl scripts will be used for DOS attacks.
      Common toolkits:
      Tool | Purpose
      Nmap | Port Scanning, OS fingerprinting
      Nessus, Nsauditor | Network vulnerability scanner
      Cain and Abel, John the Ripper, THC Hydra | Password cracking tools
      ADMSnmp | To check default community strings
      IKE-Scan | To detect VPN server and version
      SMTPScan | To obtain SMTP server and version
      Note: More tools will be added to the list based on the technology or need or latest advancements.
  • 11. Exploitation
      Attacks will be performed on application machines without causing much damage to the application resources and infrastructure. This phase is required in network penetration testing to identify certain vulnerabilities in the target machines, such as:
      - Denial of Service
      - Escalation of privileges
      - Gaining access
      - Man In The Middle (MITM) network traffic
      - ARP spoofing
      - WEP cracking
      - Published exploit scripts specific to OS/Software/Service
      Note: This is not an exhaustive list of vulnerabilities. More vulnerabilities will be added to the list based on the requirement.
  • 12. Exploitation: Exploitation Toolkits
      Tool | Purpose
      UDP Flood | Denial of Service attack using UDP packet flood
      SYN Flood | Denial of Service attack using SYN packet flood
      Ping to Death | Denial of Service
      Smurf6 | Denial of Service using ICMP packet flood in broadcast network
      Cisco Global Exploiter | Exploit published Cisco vulnerabilities
      Metasploit Framework, Core Impact | Exploitation tool
      Wireshark | Network packet sniffing
      Aircrack-ng, Airodump-ng, Airmon-ng, Aireplay-ng | Wireless packet sniffing; WEP Key cracking; De-authentication of a client; Denial of service attacks
      ARPSpoof | ARP spoofing
      Note: This is not an exhaustive list of vulnerabilities. More vulnerabilities will be added to the list based on the requirement.
  • 13. Risk Analysis and Remediation Suggestion
      Risk Analysis
      - Estimation of the Likelihood of attack
      - Estimation of the Impact of a successful attack
      - Evaluate overall RISK of the vulnerability: Risk = Likelihood * Impact
      - OWASP Risk Rating Methodology is used as a guidance. Ref: https://www.owasp.org/index.php/OWASP_Risk_Rating_Methodology
      Remediation Suggestion
      - Remediation measures will be suggested for each vulnerability identified.
      - Priority for remediation will be suggested based on the risk rating of the vulnerability.
  • 14. Report Template
      - Brief summary of the Network: Brief description of the network includes critical components in the network, type of communication used, public IPs available etc.
      - Network Security Summary report: Brief description of the overall security status and the list of major security vulnerabilities identified.
      - Vulnerability details for each identified vulnerability:
          - Vulnerability Classification and Name
          - Description of the vulnerability
          - Vulnerability details
          - Remediation Suggestions
          - Vulnerability Risk Rating (Likelihood, Impact, Overall Risk)
  • 15. Security as a Service
      http://www.imaginea.com
      reachus@imaginea.com
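
The risk rating step on slide 13 and the per-vulnerability rating in the report template on slide 14, as an added Python example that is not part of the deck: it rates findings with the score bands and severity matrix of the OWASP Risk Rating Methodology the deck cites, and also computes the deck's Risk = Likelihood * Impact product. The function names, the factor scores and the `FINDINGS` list are constructed for illustration.

```python
# Overall severity matrix from the OWASP Risk Rating Methodology,
# indexed as SEVERITY[impact_level][likelihood_level].
SEVERITY = {
    "LOW":    {"LOW": "Note",   "MEDIUM": "Low",    "HIGH": "Medium"},
    "MEDIUM": {"LOW": "Low",    "MEDIUM": "Medium", "HIGH": "High"},
    "HIGH":   {"LOW": "Medium", "MEDIUM": "High",   "HIGH": "Critical"},
}
ORDER = ["Note", "Low", "Medium", "High", "Critical"]

def level(score):
    """Map a 0-9 score to the OWASP band: <3 LOW, <6 MEDIUM, otherwise HIGH."""
    if not 0 <= score <= 9:
        raise ValueError(f"score {score} is outside the 0-9 scale")
    return "LOW" if score < 3 else "MEDIUM" if score < 6 else "HIGH"

def rate(finding):
    """Return likelihood, impact, their product and the overall severity."""
    likelihood = sum(finding["likelihood"]) / len(finding["likelihood"])
    impact = sum(finding["impact"]) / len(finding["impact"])
    return {
        "name": finding["name"],
        "likelihood": round(likelihood, 2),
        "impact": round(impact, 2),
        "risk": round(likelihood * impact, 2),  # Risk = Likelihood * Impact
        "severity": SEVERITY[level(impact)][level(likelihood)],
    }

def prioritise(findings):
    """Order findings for remediation: severity first, then numeric risk."""
    rated = [rate(f) for f in findings]
    return sorted(rated, key=lambda r: (ORDER.index(r["severity"]), r["risk"]),
                  reverse=True)

# Constructed sample scores (0-9 each), not taken from the deck.
# likelihood: 4 threat-agent factors + 4 vulnerability factors
# impact: loss of confidentiality, integrity, availability, accountability
FINDINGS = [
    {"name": "Default usernames/passwords enabled",
     "likelihood": [6, 4, 7, 9, 7, 5, 6, 8], "impact": [6, 2, 1, 7]},
    {"name": "WEP key used for wireless encryption",
     "likelihood": [6, 9, 7, 6, 7, 9, 8, 8], "impact": [7, 7, 5, 7]},
    {"name": "Information leakage: sensitive data revealed",
     "likelihood": [3, 1, 4, 2, 3, 2, 4, 1], "impact": [2, 0, 0, 2]},
]

if __name__ == "__main__":
    for r in prioritise(FINDINGS):
        print(f"{r['severity']:<8} risk={r['risk']:<6} {r['name']}")
```

The sorted output is the remediation priority order, and each row carries the three values the report template asks for: likelihood, impact and overall risk.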