8/9/2019 CEHv6 Module 21 Physical Security.pdf
http://slidepdf.com/reader/full/cehv6-module-21-physical-securitypdf 1/80
Ethical Hacking and Countermeasures Version 6
Module XXI
Physical Security
Real World Scenario
Michael … was asked to do a physical security test by the Chief of a well-known database firm. Their database was … They believed their systems were secure, but wanted to be sure of it. Michael went to the firm on the pretext of meeting its Chief. Before entering the lobby, Michael had driven around the building and checked for … easily slip into the building.
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
… proceeded through the warehouse, to what was an obvious entrance into the office building. Michael … took the elevator down, and entered the room, which was secured with cipher locks and access cards. He went straight to the tape racks. There he studied the racks, as if looking for specific information. He grabbed a tape with an identifier that looked something like ACCT95QTR1.
The entire process lasted no more than 15 minutes. During that time, Michael breached their physical …
News
Source: http://www.bdafrica.com/
Module Objective
This module will familiarize you with:
Security Statistics
Physical security
Need for physical security
Factors that affect physical security
Physical Security checklist
Wireless Security
Laptop Thefts
Mantrap
Challenges in Ensuring Physical Security
Spyware Technologies
Countermeasures
Module Flow
Security Statistics
Physical Security
Need For Physical Security
Factors Affecting Physical Security
Checklist
Locks
Wireless Security
Laptop Thefts
Mantrap
Challenges in Ensuring Physical Security
Spyware Technologies
Countermeasures
Security Facts
Receive alarm communications - 28%
Access control technology with identification cards - 90%
Companies require visitors to wear a badge or pass that identifies them as a visitor - 93%
Explosion detection devices –
Emergency telephones in parking areas – 9%
Police officers for security - 56%
Companies use metal detectors to screen employees and visitors – 7%
Source: http://www.aga.org/
News
Source: http://searchstorage.techtarget.com
Understanding Physical Security
Since man always had something important to protect, he found various methods of …
Egyptians were the first to develop a working lock
Physical security describes the measures that prevent or deter attackers from accessing a …
Physical security is an important factor of computer security
Major security actions that are involved with physical security are intended to protect the computer from climate conditions, even though most of them are targeted at protecting the computer from intruders who use, or attempt to use, physical access to the computer to break into it
Physical Security
Physical security describes measures taken to protect personnel, critical assets and systems against deliberate and accidental threats
Physical security measures can be:
Physical
• Physical measures are taken to secure assets e.g. deploying security personnel
Technical
• Technical measures are taken to secure services and elements that support Information Technologies e.g. security for server rooms
Operational
• … performing an operation such as analyzing threats of an activity and taking appropriate countermeasures
What Is the Need for Physical Security
To prevent any unauthorized access to computer systems
To prevent tampering/stealing of data from computer systems
To protect the integrity of the data stored in the computer
To prevent the loss of data/damage to systems against any natural calamities
Who Is Accountable for Physical Security
In most organizations there is not a single person who is accountable for physical security
People who should be made accountable for the security of a firm including both physical and information security are:
• The plant’s security officer
• Safety officer
• Information systems analyst
• Chief information officer
Factors Affecting Physical Security
Factors that affect the physical security of a particular firm:
• Vandalism
• Theft
• Natural calamities:
  • Earthquake
  • …
  • Flood
  • Lightning and thunder
• Dust
• Water
• Explosion
• Terrorist attacks
Physical Security Checklist
Company surroundings
Premises
Reception
Server
Workstation area
Other equipment, such as fax, and removable media
Access control
Computer equipment maintenance
Wiretapping
Remote access
Physical Security Checklist: Company Surroundings
The entrance to the company premises … access
Checklist for securing the company surroundings:
• Fences
• Gates
• Walls
• Guards
• Alarms
Gates
Security Guards
Physical Security Checklist: Premises
… by:
• Checking for roof/ceiling access through AC ducts
• Use of CCTV cameras with monitored screens and video recorders
• Installing intruder systems
• Installing panic buttons
• Installing burglar alarms
• Windows and door bars
• Deadlocks
CCTV Cameras
Physical Security Checklist: Reception
The reception area is supposed to be a busier area than … entering and exiting
The reception area can be protected by:
• … on the reception desk
• Reception desks should be designed to discourage inappropriate access to the administrative area by non-staff members
• Computer screens should be positioned in such a way that people cannot observe the screen near the reception desk
• Computer monitors, keyboards, and other equipment at the reception desk should be locked whenever the receptionist is away from the desk and they should be logged off after office …
Reception
Physical Security Checklist: Server
The server, which is the most important factor of any network, should be given a high level of security
The server room should be well-lit
The server can be secured by the following means:
• Server should not be used to perform day-to-day activities
• It should be enclosed and locked to prevent any physical …
• DOS should be removed from Windows Servers as an intruder can boot the server remotely by DOS
• Booting from the floppy disk and CD-ROM drives on the server should be disabled or, if possible, avoid having these drives on the server
Server Room
Physical Security Checklist: Workstation Area
Employees should be educated about physical security
… by taking the following steps:
• …
• Screens and PCs should be locked
• Workstation layout design
• Avoid removable media drives
Physical Security Checklist: Wireless Access Points
If an intruder successfully connects to the firm’s wireless access points, then he is virtually inside the … like any other employee of the firm
To prevent such unauthorized access, the wireless access points should be secured
Guidelines to follow:
• WEP encryption should be followed
• SSID should not be revealed
• Access points should be password protected to gain entry
• Passwords should be strong enough so that they cannot be easily cracked
Physical Security Checklist: Other Equipment
…, and removable media
• Such equipment should be secured by following these steps:
  • Fax machines near the reception area should be locked when the receptionist is not at the desk
  • Faxes obtained should be filed properly
  • Modems should not have auto answer mode enabled
  • Removable media should not be placed in public places, and corrupted removable media should be physically destroyed
Physical Security Checklist: Access Control
Access control is used to prevent unauthorized access to any sensitive operational areas
The types of access controls are:
Separation of work areas
Entry cards
Man traps
Faculty sign-in procedures
Identification badges
Physical Security Checklist: Biometric Devices
“… measuring and statistically analyzing biological data”
Biometric devices consist of a reader or scanning device, software that converts the scanned information into digital form, and a location for the data to be analyzed; for instance a database that stores the biometric data for comparison with previous records
Methods used by biometric devices for access control are:
• Fingerprints
• Face scan
• …
• Voice recognition
Biometric Identification
Fingerprinting
• Ridges and furrows on the surface of a finger, which are unique, are used to identify a person
Iris Scanning
• Analyzes the colored part of the eye suspended behind the cornea
Biometric Identification
Retinal scanning
• Identifies a person by analyzing the layer of blood vessels at the back of the eye
Vein Structure
• Thickness and location of veins
Authentication Mechanisms
Something you are:
• Use of biometric techniques such as fingerprints, facial recognition, hand geometry, retinal scan, iris scan, vascular …
Something you know:
• Based on the traditional password system
• Includes mechanisms such as challenge-response lists, one-time
Something you have:
Authentication Mechanism
Face recognition systems can be tricked by masquerade techniques
Signature recognition and hand geometry face the common problem of matching the patterns from a large database which might lead to higher number of false positives and false negatives
Retinal scan can hinder accuracy if the user does not focus on a given point for scan. Iris scan machines are very expensive
Some users object to vascular pattern technology that uses infrared light
Voice dynamics is prone to inaccuracy as it relies on the production of a "voice template" that is compared with a spoken phrase
Faking Fingerprints
Identify your target whose fingerprint you want to fake
Glasses, door knobs, and glossy paper can be good sources
… fingerprints visible. Sprinkle the outer surface of the glass with colored powder so that it sticks to the fat. Latent fingerprints are nothing but fat and sweat on the glass used by the target
Faking Fingerprints (cont’d)
Photograph the fingerprint and scan the image
Use a professional image editor to work on the scanned image. You need to get the exact image of the fingerprint to use as mold, from which the dummy is made
Take the print of the image on a transparency sheet using a laser printer. Add wood glue to one of the prints on the transparency sheet
Faking Fingerprints (cont’d)
… a small drop of glycerine to help in the process of making the dummy. Use a roller for letter press printing
After the glue dries up, it is pulled off the foil, and is cut to finger size
Theatrical glue is used to glue the dummy onto your own finger
You have faked the fingerprint!
Physical Security Checklist
Smart Cards
A smart card is a plastic card about the size of a credit card, with an embedded microchip that can be loaded with data
This data can be used for telephone calling, electronic cash payments, and other applications and then periodically refreshed for additional use
A smart card contains more information than a magnetic strip card and can be programmed for different applications
Security Token
According to the search security definition, “A security token is a small hardware device that the owner carries to authorize access to a network service”
Security tokens provide an extra level of assurance through a method known as two-factor authentication:
• … authorizes them as the owner of that particular device
• The device then displays a number that uniquely identifies the user to the service, allowing them to log in
Computer Equipment Maintenance
… computer equipment maintenance
Computer equipment in a warehouse should also be accounted for
The AMC company personnel should not be left alone when they come for the maintenance of the computer equipment
The toolboxes and the bags of the AMC company personnel should be thoroughly scanned for any suspicious materials that could …
Wiretapping
According to www.freesearch.com wiretapping is the … conversations by connecting a listening device to their telephone
According to www.howstuffworks.com, “wiretap is a … device that can interpret these patterns as sound”
You can do a few things to make sure that no one is wiretapping:
• Inspect all the data carrying wires routinely
• Protect the wires using shielded cables
• Never leave any wire exposed
Source: kropla.com/phones.htm
Remote Access
Remote access is an easy way for an employee of a firm to work from any place outside the company's physical boundaries
Remote access to the company’s networks should be avoided as much as possible
It is easy for an attacker to remotely access the company’s network by compromising the employee’s connection
The data being transferred during the remote access should be encrypted to prevent eavesdropping
Remote access is more dangerous than physical access as the attacker is not in the vicinity and the probability of catching him is less
Lapse of Physical Security
Source: http://www.normantranscript.com/
Locks
Locks are used to restrict physical access to an asset
They are used on any physical asset that needs to be protected from unauthorized access, including doors, windows, vehicles, cabinets, and equipment
Different levels of security can be provided by locks depending on how they are designed and implemented
A lock has two modes - engaged/locked and …
Locks (cont’d)
Locks are either mechanical or electrical:
Mechanical Locks
• …
• There are two types of mechanical locks:
  • Warded
  • Tumbler
Electric Locks
• Electric locks are comprised of electronic devices with scanners that identify users and computers that process codes
• Electric locks consist of the following types:
  • Card access systems
  • Electronic combination locks
  • Electromagnetic locks
  • Biometric entry systems
Lock Picking
… a lock without the use of its key
To prevent lockpicking:
• Use a better quality of lock
• Do not give the keys to anyone, as key imprints can be taken for making a duplicate key
• Do not reveal the lock codes
Lock Picking Tools
Auto Jigglers
Cylinder Lock
Lock Picking Set
Shovit Tool
Tubular Lock Picks
Broken Key Pullers
Electric Pick
Jack Knife
Lock Picking Tools (cont’d)
Information Security
Hierarchical view to secure information:
Password protection /Complex passwords
Encrypted file system
Anti virus software
Firewalls
Intrusion detection systems
Patches and updates
Lock down unwanted ports /devices
EPS (Electronic Physical Security)
An integrated application of a number of electronic security systems
EPS includes:
• …
• Automatic gas suppression systems
• CCTV systems (IP Networks, Matrix Switchers, DVR camera specifications, etc.)
• RFID-Biometric-Smart Card Access Control Systems
• Intrusion detection systems
• … (Perimeter fencing, Crash barriers, Automatic Retraceable Bollards, Turnstiles, Undercarriage Scanners, X- …
• Guarding equipment and guarding plan
Wireless Security
Wireless Security Measures:
• Checking the wireless traffic
• Enabling WEP/WPA on the wireless …
• MAC address control
• End-to-end encryption
• …
• Access points evaluation
Laptop Theft Statistics for 2007
ource: ttp: www.not ce ore .com
Statistics for Stolen and
Source: http://articles.techrepublic.com.com/
Laptop Theft
If a laptop were lost...
• What information of a strategic nature would be disclosed?
  Real examples of this type of information include pending mergers, new product intellectual property, strategies and launch plans, and previously undisclosed financial operating results
• What information of a tactical nature would be disclosed?
  Examples include private compensation information, plans for organizational changes, proposals to clients, and the myriad of similar information that can be gained from reading a person's email, calendar, contacts, or collection of documents and spreadsheets
Laptop Theft (cont’d)
If a laptop were lost...
• What information about the company's network or computing infrastructure would be revealed that would facilitate an electronic attack?
  Examples of this type of information include usernames and passwords, dial in numbers, IP addressing schemes, DNS naming conventions, ISPs used, primary email servers, and other networking details related to connecting the laptop to the corporate or Internet environment
• What personal information about the laptop owner can be obtained?
Laptop theft: Data Under Loss
Source: http://news.com.com
News
Laptop Security Tools
www.computersecurity.com
Laptop Tracker - XTool Computer
What happens when your computer has been lost or stolen?
Don't you wish your computer could call you and tell you its location?
This signature software based transmitter secretly sends a signal to the Stealth Signal Control Center via a telephone or Internet connection, to track its location when lost or stolen
Each signal received by the Control Center provides enough information to track the location of the computer in case of a loss or theft
Source: www.computersecurity.com
Tools to Locate Stolen Laptops
These are programs that will report the location of a stolen laptop
They work when the laptop connects to the Internet
Ztrace Gold
• www.ztrace.com
CyberAngel
• www.sentryinc.com
ComputracePlus
• www.computrace.com
Stop's Unique, Tamper-proof
STOP places "Stolen Property" and a toll-free number for verification and anti-theft information
This tattoo cannot be removed by any means without marking or defacing the case, and the police and resellers recognize such a mark as a telltale sign that the property is stolen
Source: http://www.securitygroupintl.com/
Tool: TrueCrypt
… establishing and maintaining an on-the-fly-encrypted volume (data storage device)
On-the-fly encryption means that data is automatically encrypted or … loaded or saved, without any user’s intervention
It is a free open source tool
Source: www.truecrypt.org
Laptop Security Countermeasures
Encrypt sensitive data
Back up everything on the laptop
Trace a stolen laptop's location
Set BIOS password on the laptop
Consider laptop PC insurance
Use physical Kensington Locks
Use strong hardware-based security
Mantrap
Mantrap provides alternate access for resources
It consists of two separate doors with an airlock in between
It restricts access to the secure areas
It permits users to enter the first door and requires authentication access to exit from the second door
Security is provided in three ways:
• Pose difficulty in intruding into a single door
• Evaluates a person before discharging
• Permits only one user at a time
Mantrap: Diagrammatical
Door 1 Inputs
• Request for access (Normally Open)
• Request for access (Normally Closed)
• Door Closed Switch (Closed = Secure)
Door 2 Inputs
• Request for access (Normally Open)
• Request for access (Normally Closed)
• Door Closed Switch (Closed = Secure)
Door 1 Outputs
• Magnetic Lock
• Electric Strike
• Green Light
Door 2 Outputs
• Magnetic Lock
• Electric Strike
• Green Light
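The interlock behaviour described above (two doors, authentication at the second door, one user at a time), sketched as an added example that is not part of the original slides. The class and method names and the airlock occupancy sensor are assumptions, and only the entry direction is modelled.

```python
"""Mantrap interlock controller (illustrative model; all names are assumptions)."""
from dataclasses import dataclass, field

OUTER, INNER = "door1", "door2"   # Door 1 / Door 2 in the diagram


@dataclass
class DoorState:
    closed: bool = True        # door closed switch: closed = secure
    locked: bool = True        # magnetic lock / electric strike engaged
    green_light: bool = False  # lit only while the door is released


@dataclass
class Mantrap:
    doors: dict = field(
        default_factory=lambda: {OUTER: DoorState(), INNER: DoorState()})
    occupants: int = 0         # reading from a hypothetical occupancy sensor
    events: list = field(default_factory=list)

    def _secure(self, name):
        door = self.doors[name]
        return door.closed and door.locked

    def _deny(self, name, reason):
        self.events.append((name, "denied: " + reason))
        return False

    def request_access(self, name, authenticated=False):
        """Handle a request-for-access input; True means the door is released."""
        other = INNER if name == OUTER else OUTER
        # Interlock: never release one door unless the other is shut and locked.
        if not self._secure(other):
            return self._deny(name, "other door not secure")
        if name == OUTER and self.occupants != 0:
            return self._deny(name, "airlock occupied")
        if name == INNER:
            # One user at a time: a tailgater makes the count 2 and blocks entry.
            if self.occupants != 1:
                return self._deny(name, "occupancy is not exactly one")
            if not authenticated:
                return self._deny(name, "authentication failed")
        door = self.doors[name]
        door.locked, door.green_light = False, True
        self.events.append((name, "released"))
        return True

    def door_switch(self, name, closed, occupants_now):
        """Door closed switch changed state; occupants_now is the sensor value."""
        door = self.doors[name]
        if not closed and door.locked:
            self.events.append((name, "ALARM: opened while locked"))
        door.closed = closed
        if closed:             # re-lock as soon as the door shuts
            door.locked, door.green_light = True, False
        self.occupants = occupants_now


if __name__ == "__main__":
    trap = Mantrap()
    trap.request_access(OUTER)
    trap.door_switch(OUTER, closed=False, occupants_now=0)
    trap.door_switch(OUTER, closed=True, occupants_now=2)   # two people entered
    trap.request_access(INNER, authenticated=True)          # refused
    for event in trap.events:
        print(event)
```

The event list doubles as an audit trail: denied requests and "opened while locked" alarms are the entries a guard station would review.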
TEMPEST
TEMPEST refers to Transient Electro Magnetic Pulse Emanation Surveillance
Technology for monitoring the devices that emit electromagnetic radiations
Sources of TEMPEST
• Functional Sources
signal generators
• Incidental Sources
• Do not generate electromagnetic energy such as electromechanical switches and brush-type motors
Types of TEMPEST
• RED Baseband Signals
• Modulated Spurious Carriers
• Impulsive Emanations
Challenges in Ensuring Physical
Enforcing security policies
Restrictions for sharing experience and knowledge
Cost and Time factors
Terrorism
Sophisticated Technologies
Spyware Technologies
, , by your employees can defeat your physical security policy
Categories:
• Video Recorders
• Audio Devices
• Bug Detectors
• Home Security
• Spy Gear
Spying Devices
Spy Glasses
Lock Pick Set
Spy Camera
Night vision Camera
Spying Devices (cont’d)
Voice Recorders
Voice Changer
Can Safe and Book Safe
To detect Spy cameras
Spying Devices (cont’d)
Spy camera hidden inside a ceiling fan
Spying Camera
Phishing Intrusion Cell
Physical Security: Lock Down
Administrators secure their networks behind firewalls by:
• Installing email filters on their servers
• Installing anti-virus software on all client workstations
Sometimes, this may not guarantee protection against the theft of data
What if the intruder carries his own USB memory sticks and connects them to the computers at their office?
In a fraction of a second, an intruder can steal all the business information needed for establishing his own company where he can get the customer’s database
USB stick can be used to:
• Hold an entire company's vital data
• Compromise the network with an infected stick
To prevent the above situations, there is a need for the administrator to lock down the USB ports
Tool: DeviceLock
Device Lock is a device control solution to safeguard network computers against internal and external attacks
Using Device Lock:
• Network administrators can lock out unauthorized users from USB
• Administrators can control access to any device like floppies, serial and parallel ports, Magneto-Optical disks, CD-ROMs
• Generate a report concerning the permissions that have been set
• Provide a level of precision control over device resources unavailable
• Grant users temporary access to devices when there is no network connection
• Control the system remotely using the centralized management console
• Generate a report displaying the USB, FireWire, and PCMCIA devices
Source: www.devicelock.com
Blocking the Use of USB Storage
DeviceLock Screenshots
Track Stick GPS Tracking Device
Track Stick records its own location, time, date, speed,,
It can store months of travel information
It receives signals from 24 satellites orbiting the Earth, where it can calculate its own position anywhere to within
Advantages:
• If the laptop is stolen, this device is able to keep track of its location, so that it is found easily
• Tells you how long the “target” has stayed in one place
What Happened Next
Michael examined organization premises, access control systems, and questioned personnel
He pointed out the following loopholes:
• Poor access control systems
• Absence of monitoring mechanisms
• No dedicated officer looked after physical security matters
He suggested the following measures:
• Install Biometric and CCTV systems for controlling access to the restricted areas
• Precautionary arrangements for nature caused disasters
• Deployment of physical security officers
• Maintain physical security checklist
structures
Summary
Appoint Security officers, who would be accountable for any security breach in a firm
Device Lock is a device control solution to safeguard the network computers against internal and external attacks
All organizations should have a checklist for physical security as a part of their security check-ups
You cannot do anything to prevent natural disasters, but the loss can be decreased substantially if a security policy is properly implemented
All the employees should take responsibility in handling security issues
Physical security checklist should be maintained for performing regular checks on
Biometrics can be used as an effective access control of restricted areas
Implementation of physical security policy and social engineering tactics are the two big challenges for physical security