Assessing a System
DIYTP 2009
Assessing a System - Basics
Why?
- Vulnerabilities
What to look at: the six ‘P’s
- Patch
- Ports
- Protect
- Policies
- Probe
- Physical
Assessing a System - Basics
Patches
- First rule of computer security
- Patches are released for all types of software, all the time
- MUST BE UP-TO-DATE!!
- Organization should have a patch management policy/system
Assessing a System - Basics
Ports
- Should be managed by the ‘least privilege’ principle
- Ports which are not needed should be shut down
  - ...as well as their associated services
Protect
- Protective software/devices should be used
  - Firewall
  - IDS
  - Anti-virus
Assessing a System - Basics
Policies
- Should be reviewed periodically as organizational needs and software/hardware change
- Types:
  - Acceptable use (e.g. e-mail, Internet use)
  - Disaster recovery
  - Password
Assessing a System – Basics
Probe
- Take a look and see what the network looks like
- Should use multiple analysis tools to assess your network
- Look for security flaws
- Should be scheduled regularly
Assessing a System - Basics
Physical
- Policy or procedures should address how systems are secured
  - Do they need to be locked up?
- Backup media
  - Is it stored in a secure location? (e.g. fireproof safe)
- Routers/switches/hubs
  - Who has access?
  - How should it be secured?
Assessing a System – Initial Reconnaissance
Tools
- Nslookup
  - IP addresses
  - Records for domain
- Whois
  - Owner of a domain, IP address
- ARIN
  - IP address allocation
Assessing a System – Initial Reconnaissance
- Netcraft (www.netcraft.com)
  - What the target is running
- VisualRoute (www.visualware.com)
  - Visual traceroute to target
- Sam Spade (www.samspade.org)
  - Multiple tools in one package
Assessing a System – Social Engineering
Social Engineering
- People are security’s weakest link
- Many attack vectors
  - Impersonation
  - Dumpster diving
  - Shoulder surfing
Assessing a System - Scanning
Common Tools:
- Nmap and Nessus
  - Finds hosts
  - Operating system
  - Firewalls
  - Vulnerabilities
- Ping
  - IP connectivity
- Traceroute
  - Maps out route to target