Tactics and Penetration Testing

Upload: caren-cross

Post on 18-Jan-2016

Page 1: 1 Tactics and Penetration Testing. Overview Tactics: A procedure or set of maneuvers engaged in to achieve an end, an aim, or a goal. Tactics Penetration

Tactics and Penetration Testing

Overview

Tactics: A procedure or set of maneuvers engaged in to achieve an end, an aim, or a goal.

• Tactics

• Penetration testing

• Methods

• Guidelines

Tactics

• Reconnaissance

• Exploit

• Communication

• Command

• Effect

• Reserve

• Implications

IW-Strategy: 4

Critical Issues

• What must you defend?
  – Mission of the organization
  – Assets of the organization

• What can you defend?
  – Personnel limitations
  – Information limitations

• What is likely to be attacked?

Reconnaissance

Extend view of the World

• Finding the network: Lookup, DNS, Routes

• Locating key hosts: Services, Public Nodes

• Profiling: Role, OS, Age, Content, Relations, hosts vs. decoys

• Points of Access: Initial and Follow-on

• Points of Vulnerability: technical, procedure

• Points of Exploit: Change State

• Points of Effect: Channel, Target, Cover

Exploit

Methods by which to gain access or elevate privileges

• System type: Service and OS

• End goal: Impersonate, Intercept, Modify, Interrupt

• Jump points: Local, Border, Remote

• Methods: Vulnerability, Action, Reaction

• Evidence: System, Defense, Network

Communication

Transfer of information on progress

• Indicators: External evidence of progress

• Waypoints: Phases of method

• Signaling: Present, Ready, Beacon

• Reporting: Success, Fail, Options

• Transfer: Information, Code, Command

Command

Directing actions of hack

• Manual vs. Automatic: interactive, shells

• Command Channels: application, infrastructure

• Encryption and encoding

• Passive vs. Active

• Intelligence: actions, options, productivity

• Commanding Effects

Effect

Mechanism for advancing hack

• Employ, Corrupt, Install, Reconfigure

• Phased effects

• Split effects

• Delegation, Propagation, Relocation

• Confusion

• Reconnaissance

• Plant the flag, Capture the flag

Reserve

Unused means of attack

• Respond to defenses

• Respond to detection

• Branch points

• Redundancy

• Deception

Implications

Replicating attacks

Modifying attacks

Operational damage

Mission damage

Penetration Testing

• Identify weakness

• Inform response: Priority, Options, Effectiveness

• Assess security performance

• Communicate risk: “We think we’re really secure.”

Methods

• Appropriate to goal

• Within scenario

• Deception

• Bounded range

• Bounded damage

Guidelines

Agreement on terms of penetration

• Goal

• Constraints

• Liabilities

• Indemnification

• Success and Failure

Goal

• Personnel

• Process

• Technology

• Service

• Readiness

• Exploration

Constraints

• Where applied

• When applied

• Scenario

• Resources: cost, effort, personnel, technology

• Excluded methods

Liabilities

• Technical instability

• Personnel distraction

• Financial dispersion

• Public perception

• Mission disruption

Indemnification

• Authority

• Accountability

• Oversight and Decision

• Reporting

• Information handling

• Non-disclosure
