DIYTP 2009


Assessing a System - Basics
  Why?
    Vulnerabilities
  What to look at: The six 'P's
    Patch
    Ports
    Protect
    Policies
    Probe
    Physical

Assessing a System - Basics
  Patches
    First rule of computer security
    Patches are released for all types of software, all the time
    MUST BE UP-TO-DATE!!
    Organization should have a patch management policy/system

Assessing a System - Basics
  Ports
    Should be managed by 'least privilege' principle
    Ports which are not needed should be shut down
    ...as well as their associated services
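One way to apply the 'least privilege' rule for ports is to compare what a host is listening on with a list of ports it is supposed to expose. The script below is an added example, not part of the original slides. The sample text is constructed in the layout printed by `ss -tlnp`, and the APPROVED baseline and the choice to ignore loopback-only listeners are assumptions.

```python
# Added example: audit listening TCP ports against an approved baseline.
# SAMPLE_SS is constructed text in the layout printed by `ss -tlnp`.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      511    0.0.0.0:443         0.0.0.0:*         users:(("nginx",pid=950,fd=6))
LISTEN 0      5      0.0.0.0:23          0.0.0.0:*         users:(("telnetd",pid=1204,fd=4))
LISTEN 0      128    127.0.0.1:5432      0.0.0.0:*         users:(("postgres",pid=733,fd=5))
LISTEN 0      128    [::]:22             [::]:*            users:(("sshd",pid=812,fd=4))
LISTEN 0      64     *:2049              *:*
"""

APPROVED = {22, 443}  # hypothetical baseline: ports this host is meant to expose
LOOPBACK = ("127.", "[::1]")


def parse_listeners(ss_text):
    """Return (address, port, process) for every LISTEN row."""
    rows = []
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header or non-listening socket
        addr, _, port = fields[3].rpartition(":")  # rpartition copes with [::]:22
        proc = "unknown"  # kernel listeners show no owning process
        if len(fields) > 5 and '"' in fields[5]:
            proc = fields[5].split('"')[1]
        rows.append((addr, int(port), proc))
    return rows


def unexpected_listeners(ss_text, approved=APPROVED):
    """Listeners reachable from the network whose port is not in the baseline."""
    findings = []
    for addr, port, proc in parse_listeners(ss_text):
        if addr.startswith(LOOPBACK):
            continue  # loopback-only: not exposed to the network
        if port not in approved:
            findings.append((port, addr, proc))
    return sorted(set(findings))


if __name__ == "__main__":
    for port, addr, proc in unexpected_listeners(SAMPLE_SS):
        print(f"port {port} on {addr} ({proc}): close it and disable the service")
```

The process name in each finding identifies the associated service that should be shut down along with the port.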

  Protect
    Protective software/devices should be used
      Firewall
      IDS
      Anti-virus

Assessing a System - Basics
  Policies
    Should be reviewed periodically as organizational needs and software/hardware change
    Types:
      Acceptable use (e.g. e-mail, Internet use)
      Disaster recovery
      Password

Assessing a System – Basics
  Probe
    Take a look and see what the network looks like
    Should use multiple analysis tools to assess your network
    Look for security flaws
    Should be scheduled regularly

Assessing a System - Basics
  Physical
    Policy or procedures should address how systems are secured
      Do they need to be locked up?
    Backup media
      Is it stored in a secure location? (e.g. fireproof safe)
    Routers/switches/hubs
      Who has access?
      How should it be secured?

Assessing a System – Initial Reconnaissance
  Tools
    Nslookup
      IP addresses
      Records for domain
    Whois
      Owner of a domain, IP address
    ARIN
      IP address allocation

Assessing a System – Initial Reconnaissance
  Netcraft (www.netcraft.com)
    What the target is running
  VisualRoute (www.visualware.com)
    Visual traceroute to target
  Sam Spade (www.samspade.org)
    Multiple tools in one package

Assessing a System – Social Engineering
  Social Engineering
    People are security's weakest link
    Many attack vectors
      Impersonation
      Dumpster diving
      Shoulder surfing

Assessing a System - Scanning
  Common Tools:
    Nmap and Nessus
      Finds hosts
      Operating system
      Firewalls
      Vulnerabilities
    Ping
      IP Connectivity
    Traceroute
      Maps out route to target