05-defense vulnerability scanning practice
Information Security Education for Vietnamese Officers
2015.08.14. Michał Rzepka
Network & OS security
Hacking Lab challenges
Ⅰ. Before we start…
Ⅱ. Defensive measures
Ⅲ.
Ⅳ. Exercise session
Ⅴ. Summary
Real attack
1. Reconnaissance / Information Gathering
2. Enumeration
3. Exploitation
4. Maintaining access (persistence) / cleaning up

Security assessment / legal pentesting
1. Reconnaissance / Information Gathering
2. Enumeration
3. Vulnerability assessment / Exploitation
4. Documentation (report)
• Persistence (maintaining access) and clean-up are beyond the scope of this course
• But, briefly, it is all about staying under the radar
• The last phase of a pentest / security assessment is documentation
• What is expected from the report?
• The report should be comprehensive
  – Why was the test conducted? What was the goal?
  – Exact timeline? Exact components included in the scope?
  – Test limitations (list all the problems, e.g. no access provided, missing credentials, feature not implemented, XYZ system went down, etc.)
• Who is the report’s audience?
  – Management or tech, or both?
• Findings should be descriptive enough
  – What is the problem?
  – How can it be exploited/abused?
• What is the real risk?
  – Keep the environment-specific things in mind
• What’s the “business impact”?
• Findings should be reproducible
• Recommendations should be reasonable
• Keep in mind that you are writing the report to help someone fix the issues!