Security Tools Workshop Part I
description
Transcript of Security Tools Workshop Part I
![Page 1: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/1.jpg)
Ernest Staats, MSIA, CISSP, CEH, Security+ , MCSE, CWNA,CNA, I-Net+, Server+, Network+, A+ http://es-es.net
![Page 2: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/2.jpg)
The Disclaimer!
In attending this session you agree that any software demonstrated comes absolutely with NO WARRANTY. Use entirely at your own risk. Ernest or Edison, & the other 3rd party vendors whose software is demonstrated as part of this session are not responsible for any subsequent loss or damage whatsoever!
![Page 3: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/3.jpg)
Class Structure
Mile wide, 2.5 feet deep Feel free to ask questions at any timeThere will be many breaks to play with the tools mentionedUse the thumb drive provided by Linoma
The BT4 DVD will be used laterCain and rainbow tables may cause an AV alert as they are used to crack passwords
![Page 4: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/4.jpg)
Problem: Unorganized Response
What should I do?Who should I call?Should I shut the system down?Should I run the virus cleaner?Should I trust my Anti-virus quarantine?Should I re-image the system?
![Page 5: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/5.jpg)
People can be Your Greatest Asset
Or your Weakest !!
![Page 6: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/6.jpg)
Office Security TipsEnsure Employees are Security AwareAdopt an “Acceptable Use” Policy in terms of IT, Email, Internet etcEnsure Employees are Security VettedWear ID Badges Question Visitors – “Offer Help”Secure all Entrances & ExitsKnow Emergency ProceduresSecure your Valuables
Laptops, Phones, Keys, IDs Etc
![Page 7: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/7.jpg)
Keeping up Appearances!
Airport Security at its best.. Ok maybe notThe military teaches that the appearance of a hard target can deter attacks
![Page 8: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/8.jpg)
Google Hacking
Various usernames and passwords (both encrypted and in plain text) Internal documents Internal site statistics Intranet access Database access Open WebcamsVNC ConnectionsMail server access And much more
![Page 9: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/9.jpg)
Google Advance Operators
Operators Description
site: Restrict results to only one domain, or server
inurl:/allinurl: All terms must appear in URL
intitle:/allintitle: All terms must appear in title
cache: Display Google’s cache of a page
ext:/filetype: Return files with a given extension/file type
info: Convenient way to get to other information about a page
link: Find pages that link to the given page
inanchor: Page is linked to by someone using the term
![Page 10: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/10.jpg)
Google Hacking Examples!Site:com filetype:xls "Accounts“"vnc desktop" inurl:5800inurl:indexFrame.shtml Axis inurl:hp/device/this.LCDispatchersite:gov.uk filetype:xls userssite:gov.uk filetype:doc staffsite:co.uk "index of /" +passwd"Index of /” +.htaccesssite:dk +hotel filetype:xlssite:com +password filetype:xlsInurl:admin users passwordsinurl:admin intitle:index.of"Microsoft-IIS/5.0 Server at" intitle:index.of
![Page 11: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/11.jpg)
Don’t Get Google Hacked!
Keep sensitive information off the internet Be careful how you write your scripts and access your databasesUse robots.txt to let Google know what parts of your website it is ok to index. Specify which parts of the website are “off bounds” Ensure directory rights on your web server are in order Monitor your site for common errors“Google hack” your own website
![Page 12: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/12.jpg)
DNS/Domain Tools http://serversniff.net/subdomains.php
http://serversniff.net/nsreport.php gcasda.orghttp://serversniff.net/content.php?do=httprobots
http://whois.domaintools.com/
Tools on Thumb DriveDNS Lookup good DIG tool(GUI) http://nscan.org/dig.htmlNirsoft’s http://www.nirsoft.net/utils/whois_this_domain.htmlhttp://www.nirsoft.net/utils/ipnetinfo.html
![Page 13: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/13.jpg)
People/Image Info K12
http://www.pipl.comhttp://www.peekyou.comhttp://yoname.com
Image Info:http://tineye.com
Take sample image from http://www.governor.nebraska.gov/about/index.html
![Page 14: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/14.jpg)
Maltego
Maltego offers to both network and resource based entities the aggregation of information posted all over the internet - whether it’s the current configuration of a router poised on the edge of your network or the current whereabouts of your Vice President on his international visits
![Page 15: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/15.jpg)
Maltego Hands on
Software located on Thumb drive run against gcasda.org or a site you have permissions to urn it on
![Page 16: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/16.jpg)
Website Testing made easy Netsparker delivers detection, confirmation and exploitation of vulnerabilities Exploitation of SQL Injection Vulnerabilities Getting a reverse shell from SQL Injection vulnerabilities Exploitation of LFI (Local File Inclusion) Vulnerabilities Downloading the source code of all the crawled pages via LFI (Local File Inclusion) Downloading known OS files via LFI (Local File Inclusion)
![Page 17: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/17.jpg)
Netsparker Hands on
The software is located on thumb drive. You can run against 6.110.220.24 or a site you have permissions to run it against
![Page 18: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/18.jpg)
Portable AppsProcess Kill
![Page 19: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/19.jpg)
Things to hack with
So many tools, so little time to install them all:
Great list of security toolshttp://sectools.org/
![Page 20: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/20.jpg)
Easy way with Live CDs and VMs
BackTrack (Security OS of Choice) http://www.remote-exploit.org/backtrack_download.html
Samurai WTF (web pen-testing )http://samurai.inguardians.com/
DEFT Linux (Computer Forensics)http://www.deftlinux.net/
![Page 21: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/21.jpg)
Staying up to date on trends and exploits
Milw0rm http://www.milw0rm.com/SANS Internet Storm Centerhttp://isc.sans.org/PacketStormhttp://www.packetstormsecurity.org/ BugTraqhttp://www.securityfocus.com/archive/1 RootSecurehttp://www.rootsecure.net/
![Page 22: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/22.jpg)
Podcasts: Learn about new tools as they come out
Pauldotcomhttp://www.pauldotcom.com/Exotic Liability http://www.exoticliability.com/Security Justicehttp://securityjustice.com/ Securabit http://www.securabit.com/
![Page 23: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/23.jpg)
Specially built scenarios
De-ICE & pWnOS Live CDshttp://heorot.net/livecds/
Damn Vulnerable Linuxhttp://www.damnvulnerablelinux.org/
![Page 24: Security Tools Workshop Part I](https://reader035.fdocuments.us/reader035/viewer/2022062809/568159a4550346895dc6fecf/html5/thumbnails/24.jpg)
Deliberately vulnerably web apps
Hacme Series from Foundstone (Hacme Travel, Hacme Bank, Hacme Shipping, Hacme Books)http://www.foundstone.com/us/resources-free-tools.asp
WebGoathttp://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
Mutillidaehttp://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10