8/9/2019 CEHv6 Module 21 Physical Security.pdf http://slidepdf.com/reader/full/cehv6-module-21-physical-securitypdf 1/80 Ethical Hacking and Countermeasures  Version 6 Module XXI Physical Security 


Real World Scenario

… was asked to do a physical security test by the Chief of a well-known database firm. Their database was …

… believed their systems were secure, but wanted to be sure of it. Michael went to the firm on the pretext of meeting its Chief. Before entering the lobby, Michael had driven around the building and checked for …

… easily slip into the building.

EC-Council. Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited


… proceeded through the warehouse, to what was an obvious entrance into the office building. Michael … took the elevator down, and entered the room, which was secured with cipher locks and access cards. He went straight to the tape racks. There he studied the racks, as if looking for specific information. He grabbed a tape with an identifier that looked something like ACCT95QTR1.

The entire process lasted no more than 15 minutes. During that time, Michael breached their physical


News

Source: http://www.bdafrica.com/

Module Objective

This module will familiarize you with:

Security Statistics

Physical security 

Need for physical security

Factors that affect physical security

Physical Security checklist

Wireless Security

Laptop Thefts

Mantrap

Challenges in Ensuring Physical Security

Spyware Technologies

Countermeasures

Module Flow

[Flow diagram; boxes: Security Statistics, Physical Security, Need For Physical Security, Factors Affecting Physical Security, Checklist, Locks, Wireless Security, Laptop Thefts, Mantrap, Challenges in Ensuring Physical Security, Spyware Technologies, Countermeasures]

Security Facts

Receive alarm communications - 28%

 Access control technology with identification cards - 90%

Companies require visitors to wear a badge or pass that identifies them as a visitor - 93%

Explosion detection devices –

Emergency telephones in parking areas – 9%

Police officers for security - 56%

Companies use metal detectors to screen employees and visitors – 7%

Source: http://www.aga.org/

News

Source: http://searchstorage.techtarget.com

Understanding Physical

Since man always had something important to protect, he found various methods of

Egyptians were the first to develop a working lock

Physical security describes the measures that prevent or deter attackers from accessing a …

Physical security is an important factor of computer security

Major security actions that are involved with physical security are intended to protect the computer from climate conditions, even though most of them are targeted at protecting the computer from intruders who use, or attempt to use, physical access to the computer to break into it

Physical Security 

Physical security describes measures taken to protect personnel, critical assets and systems against deliberate and accidental threats

Physical security measures can be:

Physical

• Physical measures are taken to secure assets e.g. deploying security personnel

Technical

• Technical measures are taken to secure services and elements that support Information Technologies e.g. security for server rooms

Operational

• … performing an operation such as analyzing threats of an activity and taking appropriate countermeasures

 What Is the Need for Physical

To prevent any unauthorized access to computer systems

To prevent tampering/stealing of data from computer systems

To protect the integrity of the data stored in the computer

To prevent the loss of data/damage to systems against any natural calamities

 Who Is Accountable for Physical

In most organizations there is not a single person who is accountable for physical security

People who should be made accountable for the security of a firm including both physical and information security are:

• The plant’s security officer
• Safety officer
• Information systems analyst
• Chief information officer

Factors Affecting Physical

Factors that affect the physical security of a particular firm:

• Vandalism
• Theft
• Natural calamities:
  • Earthquake
  • Flood
  • Lightning and thunder
• Dust
• Water
• Explosion
• Terrorist attacks

Physical Security Checklist

Company surroundings

Premises

Reception

Server

Workstation area

Other equipment, such as fax, and removable media

Access control

Computer equipment maintenance

Wiretapping

Remote access

Physical Security Checklist:

The entrance to the company premises … access

Checklist for securing the company surroundings:

• Fences
• Gates
• Walls
• Guards
• Alarms

Gates


Security Guards


Physical Security Checklist:

… by:

• Checking for roof/ceiling access through AC ducts
• Use of CCTV cameras with monitored screens and video recorders
• Installing intruder systems
• Installing panic buttons
• Installing burglar alarms
• Windows and door bars
• Deadlocks

CCTV Cameras


Physical Security Checklist:

The reception area is supposed to be a busier area than … entering and exiting

The reception area can be protected by:

• … on the reception desk
• Reception desks should be designed to discourage inappropriate access to the administrative area by non-staff members
• Computer screens should be positioned in such a way that people cannot observe the screen near the reception desk
• Computer monitors, keyboards, and other equipment at the reception desk should be locked whenever the receptionist is away from the desk and they should be logged off after office

Reception


Physical Security Checklist: Server

The server, which is the most important factor of any network, should be given a high level of security

The server room should be well-lit

The server can be secured by the following means:

• Server should not be used to perform day-to-day activities
• It should be enclosed and locked to prevent any physical
• DOS should be removed from Windows Servers as an intruder can boot the server remotely by DOS
• Booting from the floppy disk and CD-ROM drives on the server should be disabled or, if possible, avoid having these drives on the server

Server Room


Physical Security Checklist:

Employees should be educated about physical security

… by taking the following steps:

• Screens and PCs should be locked
• Workstation layout design
• Avoid removable media drives

Physical Security Checklist:

If an intruder successfully connects to the firm’s wireless access points, then he is virtually inside the … like any other employee of the firm

To prevent such unauthorized access, the wireless access points should be secured

Guidelines to follow:

• WEP encryption should be followed
• SSID should not be revealed
• Access points should be password protected to gain entry
• Passwords should be strong enough so that they cannot be easily cracked

Physical Security Checklist:

… and removable media

• Such equipment should be secured by following these steps:
  • Fax machines near the reception area should be locked when the receptionist is not at the desk
  • Faxes obtained should be filed properly
  • Modems should not have auto answer mode enabled
  • Removable media should not be placed in public places, and corrupted removable media should be physically destroyed

Physical Security Checklist: Access Control

Access control is used to prevent unauthorized access to any sensitive operational areas

The types of access controls are:

Separation of work areas

Entry cards

Man traps

Faculty sign-in procedures

Identification badges

Physical Security Checklist:

“… measuring and statistically analyzing biological data”

Biometric devices consist of a reader or scanning device, software that converts the scanned information into digital form, and a location for the data to be analyzed; for instance a database that stores the biometric data for comparison with previous records

Methods used by biometric devices for access control are:

• Fingerprints
• Face scan
• Voice recognition

Biometric Identification

Fingerprinting

• Ridges and furrows on the surface of a finger are used to identify a person, which are unique

Iris Scanning

• Analyzes the colored part of the eye suspended behind the cornea

Biometric Identification

 

Retinal scanning

• Identifies a person by analyzing the layer of blood vessels at the back of the eye

Vein Structure

• Thickness and location of veins

 Authentication Mechanisms

Something you are:

• Use of biometric techniques such as fingerprints, facial recognition, hand geometry, retinal scan, iris scan, vascular …

Something you know:

• Based on the traditional password system
• Includes mechanisms such as challenge-response lists, one-time

Something you have:

…

 Authentication Mechanism

Face recognition systems can be tricked by masquerade techniques

Signature recognition and hand geometry face the common problem of matching the patterns from a large database which might lead to higher number of false positives and false negatives

Retinal scan can hinder accuracy if the user does not focus on a given point for scan. Iris scan machines are very expensive

Some users object to vascular pattern technology that uses infrared light

Voice dynamics is prone to inaccuracy as it relies on the production of a "voice template" that is compared with a spoken phrase

Faking Fingerprints

Identify your target whose fingerprint you want to fake

Glasses, door knobs, and glossy paper can be good sources

… fingerprints visible. Sprinkle the outer surface of the glass with colored powder so that it sticks to the fat. Latent fingerprints are nothing but fat and sweat on the glass used by the target

Faking Fingerprints (cont’d)

Photograph the fingerprint and scan the image

Use a professional image editor to work on the scanned image. You need to get the exact image of the fingerprint to use as mold, from which the dummy is made

Take the print of the image on a transparency sheet using a laser printer. Add wood glue to one of the prints on the transparency sheet

Faking Fingerprints (cont’d)

… a small drop of glycerine to help in the process of making the dummy. Use a roller for letter press printing

After the glue dries up, it is pulled off the foil, and is cut to finger size

Theatrical glue is used to glue the dummy onto your own finger

You have faked the fingerprint!

Physical Security Checklist

Smart Cards

A smart card is a plastic card about the size of a credit card, with an embedded microchip that can be loaded with data

This data can be used for telephone calling, electronic cash payments and other applications and then periodically refreshed for additional use

A smart card contains more information than a magnetic strip card and can be programmed for different applications

Security Token

According to the search security definition, “A security token is a small hardware device that the owner carries to authorize access to a network service”

Security tokens provide an extra level of assurance through a method known as two-factor authentication:

• … authorizes them as the owner of that particular device
• The device then displays a number that uniquely identifies the user to the service, allowing them to log in
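The two-factor flow this slide describes, as an added example that is not part of the original deck: a PIN unlocks the token, and the service checks the number the token displays. It assumes the token implements HOTP (RFC 4226), which the slides do not specify; the `Token` and `Service` classes, the sample PIN and the window sizes are hypothetical.

```python
import hashlib
import hmac
import os
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Number a token shows for this counter value (HOTP, RFC 4226)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def _pin_digest(pin: str, salt: bytes) -> bytes:
    # The token stores a salted, stretched digest, never the PIN itself.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


class Token:
    """Hypothetical hardware token: 'something you have' gated by a PIN."""

    def __init__(self, secret: bytes, pin: str, max_pin_failures: int = 3):
        self._secret = secret
        self._salt = os.urandom(16)
        self._pin = _pin_digest(pin, self._salt)
        self._counter = 0
        self._failures = 0
        self._max = max_pin_failures

    def display(self, pin: str):
        """Return the next code, or None if the PIN is wrong or the token is locked."""
        if self._failures >= self._max:
            return None
        if not hmac.compare_digest(_pin_digest(pin, self._salt), self._pin):
            self._failures += 1
            return None
        self._failures = 0
        code = hotp(self._secret, self._counter)
        self._counter += 1  # every displayed code is single-use
        return code


class Service:
    """Hypothetical login service sharing the token's secret."""

    def __init__(self, secret: bytes, window: int = 3, max_failures: int = 5):
        self._secret = secret
        self._counter = 0
        self._window = window  # look-ahead for codes displayed but never submitted
        self._failures = 0
        self._max = max_failures

    def login(self, code: str) -> bool:
        if self._failures >= self._max:
            return False  # locked out until an administrator resets the account
        for c in range(self._counter, self._counter + self._window + 1):
            if hmac.compare_digest(hotp(self._secret, c).encode(), code.encode()):
                self._counter = c + 1  # accepted and all earlier codes become invalid
                self._failures = 0
                return True
        self._failures += 1
        return False


def demo() -> dict:
    secret = b"12345678901234567890"  # RFC 4226 test secret, not a real key
    token = Token(secret, pin="4821")  # constructed sample PIN
    service = Service(secret)
    results = {"wrong_pin": token.display("0000")}
    first = token.display("4821")
    results["first_code"] = first
    results["first_login"] = service.login(first)
    results["replay"] = service.login(first)  # same number submitted again
    skipped = token.display("4821")  # displayed but never submitted
    current = token.display("4821")
    results["resync_login"] = service.login(current)
    results["stale_code"] = service.login(skipped)  # older than the accepted one
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A stolen token is useless without the PIN, and a number observed over the owner's shoulder is rejected once it has been used or superseded.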


Computer Equipment Maintenance

… computer equipment maintenance

Computer equipment in a warehouse should also be accounted for

The AMC company personnel should not be left alone when they come for the maintenance of the computer equipment

The toolboxes and the bags of the AMC company personnel should be thoroughly scanned for any suspicious materials that could

 Wiretapping

According to www.freesearch.com, wiretapping is the … conversations by connecting a listening device to their telephone

According to www.howstuffworks.com, “wiretap is a device that can interpret these patterns as sound”

You can do a few things to make sure that no one is wiretapping:

• Inspect all the data carrying wires routinely
• Protect the wires using shielded cables
• Never leave any wire exposed

Source: kropla.com/phones.htm

Remote Access

Remote access is an easy way for an employee of a firm to work from any place outside the company’s physical boundaries

Remote access to the company’s networks should be avoided as much as possible

It is easy for an attacker to remotely access the company’s network by compromising the employee’s connection

The data being transferred during the remote access should be encrypted to prevent eavesdropping

Remote access is more dangerous than physical access as the attacker is not in the vicinity and the probability of catching him is less

Lapse of Physical Security 

Source: http://www.normantranscript.com/

Locks

Locks are used to restrict physical access to an asset

They are used on any physical asset that needs to be protected from unauthorized access, including doors, windows, vehicles, cabinets, and equipment

Different levels of security can be provided by locks depending on how they are designed and implemented

A lock has two modes - engaged/locked and

Locks (cont’d)

Locks are either mechanical or electrical:

Mechanical Locks

• There are two types of mechanical locks:
  • Warded
  • Tumbler

Electric Locks

• Electric locks are comprised of electronic devices with scanners that identify users and computers that process codes
• Electric locks consist of the following types:
  • Card access systems
  • Electronic combination locks
  • Electromagnetic locks
  • Biometric entry systems

Lock Picking

… a lock without the use of its key

To prevent lockpicking:

• Use a better quality of lock
• Do not give the keys to anyone, as key imprints can be taken for making a duplicate key
• Do not reveal the lock codes

Lock Picking Tools

 Auto Jigglers

Cylinder Lock 

Lock Picking Set

Shovit Tool

Tubular Lock Picks

Broken Key Pullers

Electric Pick

Jack Knife

Lock Picking Tools (cont’d)


Information Security 

Hierarchical view to secure information:

Password protection / Complex passwords

Encrypted file system

Anti virus software

Firewalls

Intrusion detection systems

Patches and updates

Lock down unwanted ports / devices

EPS (Electronic Physical Security)

An integrated application of a number of electronic security systems

EPS includes:

• Automatic gas suppression systems
• CCTV systems (IP Networks, Matrix Switchers, DVR camera specifications, etc.)
• RFID-Biometric- Smart Card Access Control Systems
• Intrusion detection systems
• … (Perimeter fencing, Crash barriers, Automatic Retractable Bollards, Turnstiles, Undercarriage Scanners, X- …
• Guarding equipment and guarding plan

 Wireless Security 

 Wireless Security Measures:

• Checking the wireless traffic
• Enabling WEP/WPA on the wireless
• MAC address control
• End-to-end encryption
• Access points evaluation

Laptop Theft Statistics for 2007

 

Source: http://www.noticebored.com

Statistics for Stolen and

Source: http://articles.techrepublic.com.com/

Laptop Theft

If a laptop were lost...

• What information of a strategic nature would be disclosed?

Real examples of this type of information include pending mergers, new product intellectual property, strategies and launch plans, and previously undisclosed financial operating results

• What information of a tactical nature would be disclosed?

Examples include private compensation information, plans for organizational changes, proposals to clients, and the myriad of similar information that can be gained from reading a person's email, calendar, contacts, or collection of documents and spreadsheets

Laptop Theft (cont’d)

If a laptop were lost...

• What information about the company's network or computing infrastructure would be revealed that would facilitate an electronic attack?

Examples of this type of information include usernames and passwords, dial in numbers, IP addressing schemes, DNS naming conventions, ISPs used, primary email servers, and other networking details related to connecting the laptop to the corporate or Internet environment

• What personal information about the laptop owner can be obtained?

Laptop theft: Data Under Loss

Source: http://news.com.com

News

 


Laptop Security Tools

www.computersecurity.com

Laptop Tracker - XTool Computer

p p p

What happens when your computer has been lost or stolen?

Don't you wish your computer could call you and tell you its location?

This signature software-based transmitter secretly sends a signal to the Stealth Signal Control Center via a telephone or Internet connection, to track its location when lost or stolen

Each signal received by the Control Center provides enough information to track the location of the computer in case of a loss or theft

(Figure: Stealth Signal Control Center)

Source: www.computersecurity.com


Tools to Locate Stolen Laptops

These are programs that will report the location of a stolen laptop

They work when the laptop connects to the Internet

Ztrace Gold

• www.ztrace.com

CyberAngel

• www.sentryinc.com

ComputracePlus

• www.computrace.com

Stop's Unique, Tamper-proof


STOP places "Stolen Property" and a toll-free number for verification and anti-theft information

This tattoo cannot be removed by any means without marking or defacing the case, and the police and resellers recognize such a mark as a telltale sign that the property is stolen

Source: http://www.securitygroupintl.com/ 


Tool: TrueCrypt

establishing and maintaining an on-the-fly-encrypted volume (data storage device)

On-the-fly encryption means that data is automatically encrypted or decrypted right before it is loaded or saved, without any user’s intervention

It is a free open source tool

Source: www.truecrypt.org


Laptop Security Countermeasures

Encrypt sensitive data

Back up everything on the laptop

Trace a stolen laptop's location

Set BIOS password on the laptop

Consider laptop PC insurance


Use physical Kensington Locks


Use strong hardware-based security 


Mantrap

Mantrap provides alternate access for resources

It consists of two separate doors with an airlock in between

It restricts access to the secure areas

It permits users to enter the first door and requires authentication access to exit from the second door

Security is provided in three ways:

• Poses difficulty in intruding into a single door
• Evaluates a person before discharging
• Permits only one user at a time

Mantrap: Diagrammatical

(Diagram: mantrap door controller. Door 1 and Door 2 inputs: Request for access (Normally Open), Request for access (Normally Closed), Door Closed Switch (Closed = Secure). Door 1 and Door 2 outputs: Magnetic Lock, Electric Strike, Green Light.)
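The interlock described on the Mantrap slides, written out as a small state machine; this is an added example, not part of the original courseware. The occupancy count (for example from a weight mat), the guard reset and all names are assumptions used to model "permits only one user at a time".

```python
from dataclasses import dataclass


@dataclass
class Mantrap:
    """Interlock controller; inputs mirror the slide: access requests and door-closed switches."""
    door1_closed: bool = True   # door-closed switch (closed = secure)
    door2_closed: bool = True
    occupants: int = 0          # assumed occupancy sensor in the airlock

    def request_door1(self) -> bool:
        # Outer door releases only when the airlock is empty and door 2 is secure.
        if self.door1_closed and self.door2_closed and self.occupants == 0:
            self.door1_closed = False
            return True
        return False

    def close_door1(self, entered: int) -> None:
        # Door 1 shuts behind whoever stepped into the airlock.
        self.occupants += entered
        self.door1_closed = True

    def request_door2(self, authenticated: bool) -> bool:
        # Inner door: both doors secure, exactly one occupant, valid credential.
        if (self.door1_closed and self.door2_closed
                and self.occupants == 1 and authenticated):
            self.door2_closed = False
            return True
        return False

    def close_door2(self) -> None:
        # The occupant has passed into the secure area; the airlock is empty again.
        self.occupants = 0
        self.door2_closed = True

    def guard_reset(self) -> None:
        # Assumed procedure: a guard escorts denied occupants out, airlock returns to idle.
        self.occupants = 0
        self.door1_closed = self.door2_closed = True


def simulate(entered: int, authenticated: bool) -> str:
    """Run one entry attempt and report how the controller handled it."""
    trap = Mantrap()
    if not trap.request_door1():
        return "door1-denied"
    # While door 1 is open, door 2 must stay locked whatever credential is shown.
    if trap.request_door2(authenticated=True):
        return "interlock-failure"
    trap.close_door1(entered)
    if trap.request_door2(authenticated):
        trap.close_door2()
        return "admitted"
    trap.guard_reset()
    return "held-in-airlock"
```

Two people entering together with one valid credential are held in the airlock, which is the tailgating case a single door cannot stop.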


TEMPEST

TEMPEST refers to Transient Electro Magnetic Pulse Emanation Surveillance

Technology for monitoring the devices that emit electromagnetic radiations

Sources of TEMPEST

• Functional Sources
  • signal generators
• Incidental Sources
  • Do not generate electromagnetic energy such as electromechanical switches and brush-type motors

Types of TEMPEST

• RED Baseband Signals
• Modulated Spurious Carriers
• Impulsive Emanations

Challenges in Ensuring Physical


Enforcing security policies

 

Restrictions for sharing experience and knowledge

Cost and Time factors

Terrorism

Sophisticated Technologies


Spyware Technologies


  , , by your employees can defeat your physical security policy 

Categories

• Video Recorders
• Audio Devices
• Bug Detectors
• Home Security
• Spy Gear

Spying Devices


• Spy Glasses
• Lock Pick Set
• Spy Camera
• Night vision Camera


Spying Devices (cont’d)


• Voice Recorders
• Voice Changer
• Can Safe and Book Safe
• To detect Spy cameras

Spying Devices (cont’d)


Spy camera hidden inside a ceiling fan

Spying Camera

Phishing Intrusion Cell


Physical Security: Lock Down


Sometimes, it may not assure guaranteed protection against stealing of data

What if the intruder carries his own USB memory sticks and connects them to the computers at their office?

In a fraction of a second, an intruder can steal all the business information needed for establishing his own company where he can get the customer’s database

To prevent the above situations, there is a need for the administrator to lock down the USB ports

Administrators secure their networks behind firewalls by:

• Installing email filters on their servers
• Installing anti-virus software on all client workstations

USB stick can be used to:

• Hold an entire company's vital data
• Compromise the network with an infected stick
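One way to check the USB lock-down called for above on Windows hosts, as an added example that is not part of the original slides: the script reads collected output of `reg query` for the USBSTOR driver key and reports hosts where USB mass storage can still load. The host names and sample output are constructed, and using the USBSTOR `Start` value (4 = disabled) as the control is an assumption; the slides name only DeviceLock.

```python
import re

# Start types of a Windows service/driver key; 4 means the driver cannot load.
START_TYPES = {0: "boot", 1: "system", 2: "automatic", 3: "manual", 4: "disabled"}
START_RE = re.compile(r"^\s*Start\s+REG_DWORD\s+(0x[0-9a-fA-F]+)\s*$", re.MULTILINE)
KEY = "HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\USBSTOR\n"

# Constructed sample: per-host output of
#   reg query HKLM\SYSTEM\CurrentControlSet\Services\USBSTOR /v Start
SAMPLE = {
    "ws-finance-01": KEY + "    Start    REG_DWORD    0x4\n",
    "ws-sales-07": KEY + "    Start    REG_DWORD    0x3\n",
    "ws-lab-02": "ERROR: The system was unable to find the specified registry key or value.\n",
}


def usbstor_state(reg_output: str) -> str:
    """Classify one host from its reg query output."""
    match = START_RE.search(reg_output)
    if match is None:
        return "unknown"            # key missing or query failed: review by hand
    value = int(match.group(1), 16)
    if value == 4:
        return "locked"
    return "open:" + START_TYPES.get(value, hex(value))


def audit(fleet: dict) -> dict:
    """Return only the hosts that do not prove the lock-down is in place."""
    findings = {}
    for host, output in sorted(fleet.items()):
        state = usbstor_state(output)
        if state != "locked":
            findings[host] = state
    return findings


if __name__ == "__main__":
    for host, state in audit(SAMPLE).items():
        print(f"{host}: USB storage {state}")
```

A `Start` value of 4 stops only the USB mass-storage driver; other USB device classes are unaffected, which is the wider ground a device-control product is meant to cover.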

Tool: DeviceLock


Device Lock is a device control solution to safeguard network computers against internal and external attacks

Using Device Lock:

• Network administrators can lock out unauthorized users from USB
• Administrators can control access to any device like floppies, serial and parallel ports, Magneto-Optical disks, CD-ROMs
• Generate a report concerning the permissions that have been set
• Provide a level of precision control over device resources unavailable
• Grant users temporary access to devices when there is no network connection
• Control the system remotely using the centralized management console
• Generate a report displaying the USB, FireWire, and PCMCIA devices

Source: www.devicelock.com

Blocking the Use of USB Storage


DeviceLock Screenshots

Track Stick GPS Tracking Device

Track Stick records its own location, time, date, speed,,

It can store months of travel information

It receives signals from 24 satellites orbiting the Earth, where it can calculate its own position anywhere to within

Advantages:

• If the laptop is stolen, this device is able to keep track of its location, so that it is found easily
• Tells you how long the “target” has stayed in one place

 What Happened Next


Michael examined organization premises, access control systems, and questioned personnel

He pointed out the following loopholes:

• Poor access control systems
• Absence of monitoring mechanisms
• No dedicated officer looked after physical security matters

He suggested the following measures:

• Install Biometric and CCTV systems for controlling access to the restricted areas
• Precautionary arrangements for nature caused disasters
• Deployment of physical security officers
• Maintain physical security checklist

  ’


 structures

Summary 


Appoint Security officers, who would be accountable for any security breach in a firm

Device Lock is a device control solution to safeguard the network computers against internal and external attacks

All organizations should have a checklist for physical security as a part of their security check-ups

You cannot do anything to prevent natural disasters, but the loss can be decreased substantially if a security policy is properly implemented

All the employees should take responsibility in handling security issues

Physical security checklist should be maintained for performing regular checks on

Biometrics can be used as an effective access control of restricted areas

Implementation of physical security policy and social engineering tactics are the two big challenges for physical security
