This document outlines essential principles and practices for assessing system security. It covers vulnerabilities, the importance of patch management, and port management under the 'least privilege' principle. Additionally, it emphasizes protective measures, including firewalls and anti-virus software, along with the periodic review of policy frameworks. Initial reconnaissance techniques, such as using tools like Nslookup and Nmap, are discussed, as well as the critical role of social engineering and various scanning techniques. Implement this guidance to enhance your organization's cybersecurity posture.
DIYTP 2009 Assessing a System
Assessing a System - Basics
• Why?
  • Vulnerabilities
• What to look at:
  • The six ‘P’s
    • Patch
    • Ports
    • Protect
    • Policies
    • Probe
    • Physical
Assessing a System - Basics
• Patches
  • First rule of computer security
  • Patches are released for all types of software, all the time
  • MUST BE UP-TO-DATE!!
  • Organization should have a patch management policy/system
Assessing a System - Basics
• Ports
  • Should be managed by the ‘least privilege’ principle
  • Ports which are not needed should be shut down
  • ...as well as their associated services
• Protect
  • Protective software/devices should be used
    • Firewall
    • IDS
    • Anti-virus
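
The ports check above can be scripted: list what is listening, compare it with the ports the host is supposed to offer, and report the service behind each extra port so both can be shut down. This is an added example, not part of the original slides; the `ss -H -tlnp` sample output and the approved-port list are constructed assumptions.

```python
import re

# Constructed sample of `ss -H -tlnp` output (listening TCP sockets); not from a real host.
SAMPLE_SS_OUTPUT = """\
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*    users:(("sshd",pid=812,fd=3))
LISTEN 0      511          0.0.0.0:80         0.0.0.0:*    users:(("nginx",pid=1033,fd=6))
LISTEN 0      5          127.0.0.1:631        0.0.0.0:*    users:(("cupsd",pid=640,fd=7))
LISTEN 0      32           0.0.0.0:21         0.0.0.0:*    users:(("vsftpd",pid=901,fd=3))
LISTEN 0      128             [::]:22            [::]:*    users:(("sshd",pid=812,fd=4))
LISTEN 0      64                 *:23               *:*    users:(("inetd",pid=700,fd=5))
"""

# Assumption: this host is a web server that needs only SSH and HTTP.
APPROVED_PORTS = {22, 80}
LOOPBACK = {"127.0.0.1", "::1"}
PROC_RE = re.compile(r'\(\("([^"]+)",pid=(\d+)')

def parse_listeners(ss_output):
    """Turn `ss -H -tlnp` lines into dicts: addr, port, service, pid."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        # Local address is the 4th column; the port follows the last colon.
        addr, _, port = fields[3].rpartition(":")
        if not port.isdigit():
            continue
        proc = PROC_RE.search(line)  # absent when ss runs without root
        listeners.append({"addr": addr.strip("[]"), "port": int(port),
                          "service": proc.group(1) if proc else "unknown",
                          "pid": int(proc.group(2)) if proc else None})
    return listeners

def unneeded_listeners(listeners, approved):
    """Return sorted (port, service, exposed) for ports outside the approved set."""
    findings = {}
    for entry in listeners:
        if entry["port"] in approved:
            continue
        key = (entry["port"], entry["service"])
        # exposed = reachable from the network, i.e. not bound to loopback only
        exposed = entry["addr"] not in LOOPBACK
        findings[key] = findings.get(key, False) or exposed
    return sorted((port, svc, exp) for (port, svc), exp in findings.items())

if __name__ == "__main__":
    for port, service, exposed in unneeded_listeners(
            parse_listeners(SAMPLE_SS_OUTPUT), APPROVED_PORTS):
        scope = "network-reachable" if exposed else "loopback only"
        print(f"port {port}/tcp ({service}, {scope}): not approved, disable the service")
```
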
Assessing a System - Basics
• Policies
  • Should be reviewed periodically as organizational needs and software/hardware change
  • Types:
    • Acceptable use (e.g. e-mail, Internet use)
    • Disaster recovery
    • Password
Assessing a System – Basics
• Probe
  • Take a look and see what the network looks like
  • Should use multiple analysis tools to assess your network
  • Look for security flaws
  • Should be scheduled regularly
Assessing a System - Basics
• Physical
  • Policy or procedures should address how systems are secured
    • Do they need to be locked up?
  • Backup media
    • Is it stored in a secure location? (e.g. fireproof safe)
  • Routers/switches/hubs
    • Who has access?
    • How should it be secured?
Assessing a System – Initial Reconnaissance
• Tools
  • Nslookup
    • IP addresses
    • Records for domain
  • Whois
    • Owner of a domain, IP address
  • ARIN
    • IP address allocation
Assessing a System – Initial Reconnaissance
• Netcraft www.netcraft.com
  • What the target is running
• VisualRoute www.visualware.com
  • Visual traceroute to target
• Sam Spade www.samspade.org
  • Multiple tools in one package
Assessing a System – Social Engineering
• Social Engineering
  • People are security’s weakest link
  • Many attack vectors
    • Impersonation
    • Dumpster diving
    • Shoulder surfing
Assessing a System - Scanning
• Common Tools:
  • Nmap and Nessus
    • Finds hosts
    • Operating system
    • Firewalls
    • Vulnerabilities
  • Ping
    • IP Connectivity
  • Traceroute
    • Maps out route to target