Security Audit Ppt


Transcript of Security Audit Ppt

  • 8/14/2019 Security Audit Ppt

    1/24

    Security Audit Page 1 www.PerfTestPlus.com 2006 PerfTestPlus, Inc. All rights reserved.

    Security Testing: Step by Step System Audit with Rational Tools

    First Presented for:

    The Rational User's Conference

    Orlando, FL 2002

    with: Chris Walters

    Scott Barber

    Chief Technology Officer

    PerfTestPlus, Inc.


    Agenda

    Threat Analysis

    Security Arenas & Policies

    Arsenal of Tools

    Security Audits
    - Security Test Plan
    - Systems Lockdown
    - Internal Testing
    - External Testing
    - Reporting


    Threat Analysis

    Statistics of Breaches (percentage of surveyed organizations)

    Detected a computer security breach                              90%
    Acknowledged financial loss due to a breach                      80%
    Reported denial of service (DoS) attacks                         55%
    Willing or able to quantify losses (totaling $455,848,000)       44%


    Threat Analysis Cont.

    Examples
    - NIMDA virus
    - Code Red
    - Remote denial of service
    - AOL Instant Messenger buffer overflow


    Security Arenas

    (the ten domains of the CISSP Common Body of Knowledge)

    - Access Control Systems
    - Telecommunications & Networks
    - Security Management
    - Application & System Development
    - Cryptography
    - Architecture & Models
    - Operations Security
    - Law, Investigation, & Ethics
    - Business Continuity & Disaster Recovery
    - Physical Security


    Security Policy

    Risk Management
    - Incident Response
    - Point of Contact

    Disaster Recovery
    - Personal Data
    - Backup

    Security Training
    - Social Engineering
    - Best Practices

    The Site Security Handbook (RFC 2196, on site security policies and procedures): http://www.ietf.org/rfc/rfc2196.txt?Number=2196

    The SANS Security Policy Project: http://www.sans.org/newlook/resources/policies/policies.htm

    Arsenal of Tools Cont.

    Tools that assist in auditing security
    - Rational TestStudio
    - Nessus
    - Internet Security Scanner


    Security Audits

    Security Test Plan

    Systems Lockdown

    Internal Testing

    External Testing

    Reporting


    Security Test Plan: Gathering Data

    Hardware Architecture
    - Firewalls, Routers, Gateways, Switches
    - Web Servers
    - Database Servers

    Software Architecture
    - Client/Server
    - Web Based

    User Model
    - SysAdmin
    - DBA
    - General User


    Security Lockdown

    Hardening Systems
    - Windows
    - Solaris
    - Linux

    Malicious code
    - Viruses
    - Trojan Horses
    - Worms
    - Macros


    System Lockdown

    Firewalls
    - DMZ
    - Open Ports
    - Bypassing


    Internal Penetration Test

    Port Sniffing (what the script actually does is a TCP connect scan of ports 20 through 80, written as a Rational VU script)

    #include <VU.h>

    string host = "www.rational.com";
    int port, bytes, sut;
    {
        push [Timeout_val = 10, Think_avg = 0, Connect_retries = 0];
        for (port = 20; port < 81; port++) {
            display(itoa(port));                         /* log the port being tried */
            sut = sock_connect("sut", host + ":" + itoa(port));
            if (sut > 0) {                               /* handshake completed: port is open */
                set Server_connection = sut;
                sock_send "";                            /* nudge the service, then grab its banner */
                bytes = sock_isinput();
                sock_nrecv ["sut~" + itoa(port)] bytes;
            }
        }
    }

    IP Aliasing in TestStudio
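    The same connect-and-grab-the-banner scan in Python, as an added example that is not part of the presentation or of Rational's tooling. Because a live scan of www.rational.com would be neither reproducible nor polite, the example starts a constructed local service on an ephemeral port and scans that; the banner text, the helper names (`scan_ports`, `start_banner_server`, `reserve_closed_port`) and the timeouts are all this example's own choices. Unlike the VU script it also records the banner for each open port, which is what turns a port list into a service inventory.

```python
import socket
import threading


def scan_ports(host, ports, timeout=1.0):
    """TCP connect scan: complete a handshake with each port and, for ports that
    accept, read whatever the service volunteers (its banner).
    Returns {port: banner_text} for the open ports only."""
    found = {}
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            try:
                s.connect((host, port))      # refused or timed out: closed or filtered
            except OSError:
                continue
            try:
                banner = s.recv(256)         # FTP, SMTP, SSH and friends speak first
            except OSError:                  # silent service: open, but no banner
                banner = b""
            found[port] = banner.decode("ascii", "replace").strip()
    return found


def start_banner_server(banner, host="127.0.0.1"):
    """Constructed stand-in for a real service (not from the presentation):
    listens on an ephemeral port, greets each client with `banner`, then hangs up.
    Returns (port, stop) where stop() shuts the listener down."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))
    srv.listen(5)
    srv.settimeout(0.2)                      # lets the accept loop notice stop()
    stop = threading.Event()

    def serve():
        while not stop.is_set():
            try:
                conn, _ = srv.accept()
            except socket.timeout:
                continue
            with conn:
                conn.sendall(banner)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1], stop.set


def reserve_closed_port(host="127.0.0.1"):
    """Return a port that is (almost certainly) closed: bind an ephemeral one, release it."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((host, 0))
        return s.getsockname()[1]


if __name__ == "__main__":
    # Scan a constructed local service plus a closed port instead of a live host.
    port, stop = start_banner_server(b"220 mail.example.test ESMTP ready\r\n")
    closed = reserve_closed_port()
    for p, banner in scan_ports("127.0.0.1", [closed, port]).items():
        print(f"{p}/tcp open  {banner or '(no banner)'}")
    stop()
```

    A connect scan completes the three-way handshake, so every probe lands in the target's connection logs; that is acceptable for an authorized internal audit, which is the setting of this slide, but it is the noisiest scan type there is.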


    DEMO Hacking from the Inside


    External Penetration Test

    Packet Sniffing
    - Network recording between servers

    ClearText Transmissions
    - Record possible unencrypted data traffic

    (Distributed) Denial Of Service Attack
    - Simulate using Virtual Testers with no delays, in multiple locations

    Buffer Overflow
    - Playback with larger-than-allowed fields for POST data submissions
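    What "record possible unencrypted data traffic" means in practice is going through the captured payloads looking for credentials that crossed the wire in the clear. The following is an added example, not code from the presentation: it runs over a constructed list of client-to-server TCP payloads (made-up hosts and credentials) and flags three common cases: HTTP Basic authentication (base64 is an encoding, not encryption), form-encoded POST logins, and USER/PASS line protocols such as FTP and POP3. The field-name lists and the `find_cleartext_credentials` name are this example's own assumptions.

```python
import base64
import re
from urllib.parse import parse_qs

# Constructed sample standing in for a network recording between servers:
# each entry is one client-to-server TCP payload. Nothing here is real traffic.
SAMPLE_PAYLOADS = [
    b"GET /admin/ HTTP/1.1\r\nHost: intranet.example.test\r\n"
    b"Authorization: Basic YWRtaW46aHVudGVyMg==\r\n\r\n",
    b"POST /login/loginprocess.jsp HTTP/1.1\r\nHost: www.example.test\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 32\r\n\r\n"
    b"username=sbarber&password=s3cret",
    b"GET /index.html HTTP/1.1\r\nHost: www.example.test\r\n\r\n",
    b"USER ftpuser\r\nPASS ftppass\r\n",
]

SECRET_FIELDS = {"password", "passwd", "pass", "pwd", "pin"}   # assumed form field names
USER_FIELDS = ("username", "user", "login", "email")
REQUEST_LINE = re.compile(r"^[A-Z]+ \S+ HTTP/1\.[01]$")


def _parse_http(text):
    """Split a raw HTTP request into (request_line, headers, body); None if not HTTP."""
    head, _, body = text.partition("\r\n\r\n")
    lines = head.split("\r\n")
    if not REQUEST_LINE.match(lines[0]):
        return None
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body


def find_cleartext_credentials(payloads):
    """Return (kind, where, user, secret) tuples for every credential sent unencrypted."""
    findings = []
    for raw in payloads:
        text = raw.decode("latin-1")          # lossless for arbitrary bytes
        parsed = _parse_http(text)
        if parsed:
            request_line, headers, body = parsed
            auth = headers.get("authorization", "")
            if auth.lower().startswith("basic "):
                try:
                    decoded = base64.b64decode(auth[6:], validate=True).decode("latin-1")
                except ValueError:            # not valid base64: leave it alone
                    decoded = ""
                user, sep, secret = decoded.partition(":")
                if sep:
                    findings.append(("http-basic", request_line, user, secret))
            ctype = headers.get("content-type", "")
            if body and ctype.startswith("application/x-www-form-urlencoded"):
                form = parse_qs(body)
                user = next((form[k][0] for k in USER_FIELDS if k in form), "")
                for name, values in form.items():
                    if name.lower() in SECRET_FIELDS:
                        findings.append(("http-form", request_line, user, values[0]))
            continue
        # Not HTTP: look for a cleartext USER/PASS exchange (FTP, POP3).
        pw = re.search(r"^PASS[ \t]+(\S+)", text, re.I | re.M)
        if pw:
            us = re.search(r"^USER[ \t]+(\S+)", text, re.I | re.M)
            findings.append(("user-pass", "line protocol", us.group(1) if us else "", pw.group(1)))
    return findings


if __name__ == "__main__":
    for kind, where, user, secret in find_cleartext_credentials(SAMPLE_PAYLOADS):
        print(f"{kind:11} {where:40} user={user!r} secret={secret!r}")
```

    On a real recording the payloads come from reassembled TCP streams rather than single packets, and a finding here is the evidence line in the report: protocol, request, and the fact that the secret was recoverable by anyone on the path.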


    External Penetration Test Cont.

    Brute Force Cracking
    - Playback with DataPools of usernames and passwords

    #include <VU.h>

    string host = "www.rational.com";
    int rational_com;
    {
        push [Timeout_val = 10, Think_avg = 0, Connect_retries = 0];
        do {
            rational_com = http_request ["Brute F~001"] "www.rational.com:80", HTTP_CONN_DIRECT,
                "POST /login/loginprocess.jsp HTTP/1.1\r\n"
                "Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, "
                "application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, */*\r\n"
                "Accept-Language: en-us\r\n"
                "Accept-Encoding: gzip, deflate\r\n"
                "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)\r\n"
                "Host: www.rational.com\r\n"
                "Connection: Keep-Alive\r\n\r\n";
            /* The slide ends here: the form body carrying the DataPool username and
               password, and the loop's termination test, are not shown. */
        } while (0);   /* placeholder condition; the real one iterates the DataPool */
    }
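    The slide's script replays the POST once per DataPool row; the following is an added Python example of the same loop, not code from the presentation or from Rational. It embeds a constructed DataPool (CSV, as TestStudio datapools are, with column names chosen here) and a constructed target, a tiny local login server with one weak account, so it runs offline; the path `/login/loginprocess.jsp` is taken from the slide, everything else (`brute_force`, `start_target`, the accounts, the status-code rules) is this example's assumption. It also shows the two things a playback script needs that the slide does not: deciding what a successful login looks like, and stopping when the target starts locking accounts or rate limiting.

```python
import csv
import http.client
import http.server
import io
import threading
import urllib.parse

# Constructed DataPool in the CSV shape TestStudio datapools use; made-up rows.
DATAPOOL_CSV = """username,password
admin,admin
admin,password
sbarber,letmein
sbarber,summer2002
guest,guest
"""

LOGIN_PATH = "/login/loginprocess.jsp"       # the path from the slide's POST

# Constructed target: one weak account behind a form login, standing in for
# the application under test.
_VALID = {"sbarber": "summer2002"}


class _LoginHandler(http.server.BaseHTTPRequestHandler):
    def do_POST(self):
        length = int(self.headers.get("Content-Length", "0"))
        form = urllib.parse.parse_qs(self.rfile.read(length).decode())
        user = form.get("username", [""])[0]
        password = form.get("password", [""])[0]
        if self.path == LOGIN_PATH and _VALID.get(user) == password:
            self.send_response(302)          # success: redirect into the application
            self.send_header("Location", "/home")
            self.end_headers()
        else:
            self.send_response(401)
            self.end_headers()
            self.wfile.write(b"Login failed")

    def log_message(self, *args):            # keep the demo output quiet
        pass


def start_target():
    """Start the constructed login server on an ephemeral port; returns the server."""
    srv = http.server.HTTPServer(("127.0.0.1", 0), _LoginHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def brute_force(host, port, datapool_csv, stop_on_first=True):
    """Replay the login POST once per DataPool row. A 3xx answer (redirect into the
    application) counts as a valid login, 401/403 as a failure, and 423/429 as the
    target locking the account or rate limiting, which ends the run because further
    guesses would only deepen the lockout. Returns (hits, attempts)."""
    hits, attempts = [], 0
    conn = http.client.HTTPConnection(host, port, timeout=5)   # reconnects as needed
    for row in csv.DictReader(io.StringIO(datapool_csv)):
        attempts += 1
        body = urllib.parse.urlencode({"username": row["username"],
                                       "password": row["password"]})
        conn.request("POST", LOGIN_PATH, body=body,
                     headers={"Content-Type": "application/x-www-form-urlencoded",
                              "User-Agent": "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"})
        resp = conn.getresponse()
        resp.read()                          # drain the body so the connection is reusable
        if 300 <= resp.status < 400:
            hits.append((row["username"], row["password"]))
            if stop_on_first:
                break
        elif resp.status in (423, 429):
            break
    conn.close()
    return hits, attempts


if __name__ == "__main__":
    target = start_target()
    hits, attempts = brute_force("127.0.0.1", target.server_address[1], DATAPOOL_CSV)
    print(f"{attempts} attempts, valid credentials: {hits}")
    target.shutdown()
```

    The success test is the part to get right before a long run: a 200 with the login form re-rendered is a failure, a redirect is usually a success, and a target that answers every guess the same way either has no lockout at all (a finding in itself) or is blocking you without saying so.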


    DEMO Breaking in with Robot


    Wireless Security

    WAP & ECC
    - Audit security at the gateway and beyond with TestStudio

    Emulators & TestStudio
    - Audit security between device and gateway

    802.11 & WEP
    - Audit security using TestStudio just like on a wired network


    Reporting the Results

    Defect reporting
    - Incorporate ClearQuest

    Coverage reporting
    - Incorporate RequisitePro

    Custom reporting using TestStudio
    - Incorporate manual tests
    - Created using Crystal Reports and SoDA


    Common Security Holes

    Vulnerable CGI Programs

    Global File Shares

    Weak Passwords

    Default SNMP Settings

    Microsoft IIS Holes

    Social Engineering


    Other Resources

    Websites
    - www.sans.org
    - www.happyhacker.org
    - www.antionline.com
    - www.securityfocus.com
    - csrc.nist.gov
    - And many more!

    RFC Documents
    - www.ietf.org/rfc.html

    Training

    Periodicals

    Books
    - Maximum Security
    - Practical UNIX & Internet Security
    - Web Security & Commerce
    - Building Internet Firewalls
    - And many more!


    Conclusion

    If you are connected, you are at risk

    Security policies are required

    Incident response forms are a must

    Security audits are the only way to test your security


    Questions?

    Rational User Conference 2002


    Contact Info

    Scott Barber, Chief Technology Officer

    PerfTestPlus, Inc

    E-mail:

    [email protected]

    Web Site:

    www.PerfTestPlus.com
