1 / 18

Network Security Testing Techniques

Network Security Testing Techniques Presented By:- Sachin Vador System Development Life Cycle System Development Life Cycle 1. Initiation – the system is described in terms of its purpose, mission, and configuration.

Lucy
Télécharger la présentation

Network Security Testing Techniques

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Security Testing Techniques Presented By:- Sachin Vador

  2. System Development Life Cycle

  3. System Development Life Cycle • 1. Initiation – the system is described in terms of its purpose, mission, and configuration. • 2. Development and Acquisition – the system is possibly contracted and constructed according to documented procedures and requirements. • 3. Implementation and Installation – the system is installed and integrated with other applications, usually on a network. • 4. Operational and Maintenance – the system is operated and maintained according to its mission requirements. • 5. Disposal – the system’s lifecycle is complete and it is deactivated and removed from the network and active use.

  4. When is the Network Security Testing done? • It is done after system has been developed, installed and integrated during Implementation and Operational stages.

  5. Tools and Techniques for Network Security • Network Scanning • Vulnerability Scanning • Password Cracking • Log Reviews • War Dialing • Wireless LAN Testing (War Driving) • Penetration Testing

  6. Network Scanning • Scan for connected hosts • Scan for services running on the host • Scan for which applications are running those services • How Scanning takes place? Ping the hosts using ICMP ECHO and Reply. Look for open TCP/UDP ports. • Operating system fingerprinting. Not reliable as firewalls can be configured to camouflage the operating system.

  7. Network Scanning • Vulnerabilities of IIS different from Apache. • Listen on the remote port. • Banner Grabbing. • Need human to interpret the results. • Preparation for Penetration Testing.

  8. Network Scanning Results • Investigate and disconnect unauthorized hosts • Disable or remove unnecessary and vulnerable services • Modify vulnerable hosts to restrict access to vulnerable services to a limited number of required hosts (e.g., host level firewall or TCP wrappers), and • Modify enterprise firewalls to restrict outside access to known vulnerable services.

  9. Vulnerability Scanning • Takes Network Scanning 1 step ahead. • Maintains database of vulnerabilities in operating systems. • They generate more traffic that port scanners. • Network based Scanners. • Host based Scanners.

  10. Log Reviews • Dynamic picture of system activities. • Conformance with the security policies. • IDS sensors placed behind firewall. • Change Firewall Policies.

  11. War Dialing • Unauthorized modems. • Dialing software can dial hundreds of numbers in short time • Block the inbound calls to the identified number if it is not possible to remove them

  12. War Driving • Wireless Default Configuration is insecure. • Drive Test • Just need wireless network card and testing tools • Frequency of testing

  13. Penetration Testing • It is a method of getting into the system by using the techniques used by the attacker. • Specific IP addresses/ranges to be tested • Any restricted hosts (i.e., hosts, systems, subnets, not to be tested) • A list of acceptable testing techniques (e.g. social engineering, DoS, etc.) and tools (password crackers, network sniffers, etc.) • Times when testing is to be conducted (e.g., during business hours, after business hours, etc.) • Identification of a finite period for testing • IP addresses of the machines from which penetration testing will be conducted so that administrators can differentiate the legitimate penetration testing attacks from actual malicious attacks • Points of contact for the penetration testing team, the targeted systems, and the networks • Measures to prevent law enforcement being called with false alarms (created by the testing) • Handling of information collected by penetration testing team.

  14. Penetration Testing • Blue Teaming • Red Teaming

  15. Phases of Penetration Testing

  16. Phases of Penetration Testing • Planning Phase Goals are set. Permission is taken. No testing. • Discovery Phase Testing starts. Port scanning is used to identify the vulnerabilities. • Executing the attack Exploit the vulnerabilities.

  17. Conclusion • Acceptable use guidelines (e.g., what is acceptable use of organization computing and network resources) • Roles and responsibilities (for users, administrators, management) • Authentication (e.g., passwords, biometrics) • Availability of resources (redundancy, recovery, backups) • Compliance (infractions, consequences and penalties).

  18. Questions ?

More Related