Computer Science and Security | Task Report

   

Added on  2022-09-05


Table of Contents
Introduction
Task 1
  1.1 Overview
  1.2 Penetration Testing Methodologies
  1.3 Standard Operating Procedure for Penetration Testing
  1.4 Decision Tree Analysis for Pen Testing
Task 2
  2.1 Overview
  2.2 Attacking Narrative
    Gathering of Information
    Scanning & Enumeration Process
    Scanning of Nessus Vulnerability
    Exploiting the Vulnerabilities
  2.3 Vulnerability Mitigation
Overall Conclusion & Reflection
References
Appendix

Introduction
This report covers penetration testing, whose objective is the identification of security weaknesses. Penetration testing (pen testing) can be used to test an organization's security policy, its adherence to compliance requirements, the security awareness of its employees, and its ability to recognize and respond to security incidents. Information about the security weaknesses exploited during pen testing is generally combined and given to the organization's IT and network system managers, which helps them improve their strategic decisions and prioritize their remediation efforts.
Companies use penetration testing to test the security of their software and infrastructure. In this type of testing, security experts act as hackers to find security holes before actual hackers do. A pen tester aims to collect organizational information related to the vulnerabilities (DigiCert, 2019). The key difference between a pen tester and a hacker is permission and reporting (Choudary, 2019).
This report describes the methodologies and the SOP used to perform penetration tests. Next, the information system will be explained using the SOPs.

Task 1
1.1 Overview
This part looks at the types of pen testing methodologies available and the procedure to be followed, including the analysis of pen testing.
1.2 Penetration Testing Methodologies
Penetration testing methods and types can be divided by the tester's knowledge of the target machine or by the tester's position. Other parameters for categorizing penetration tests also exist, and they are presented in the following section (The Official 360logica Blog, 2019).
Black Box, Gray Box, & White Box:
A white box pen test is one in which the penetration tester is given full information about the target machine, such as code samples, IP addresses, the controls in place, and so on. If the tester lacks complete information about the target, the test is a black box penetration test. Keep in mind that the tester may still hold all the publicly available information about the target. If the tester has partial information about the target, the test is a gray box penetration test. In this case the tester holds some information about the target, such as IP addresses and URLs, but lacks access or full knowledge. This classification is based on the tester's knowledge.
Internal & External Penetration test:
An external penetration test is performed from the external network; an internal penetration test is the reverse, i.e. the attacker is located within the network (SearchSecurity, 2019). As an insider, the tester has knowledge of the system, and the targets will be abundant in comparison with a test conducted externally.
In-house & Third party Penetration Test:
When the test is performed by the in-house security team, it is another type of internal penetration testing. When companies hire third-party organizations to perform such tests, it is known as third-party penetration testing.
Blind & Double-Blind Penetration Test:
In a blind penetration test, the penetration tester has no prior information other than the name of the organization. The tester must do complete research, as a sensible attacker would. Although this may take time, it can give good output that is closer to practical attacks. The double-blind test is similar to the blind test, except that the security experts are unaware of when the test commences, because this information is known only to senior management. This ensures that all processes are tested; the security team is then controlled and made aware of real attacks.
1.3 Standard Operating Procedure for Penetration Testing
The execution standards for pen testing are adopted from board members of the security community to establish the fundamental principles for performing a pen test. The main aim of the test is to identify vulnerabilities in the systems present in an organization. It also recognizes weaknesses in security policies and users that hackers/cybercriminals could exploit to harm the organization. This part explains the SOP (Standard Operating Procedure) for executing a penetration test against the target.
The basic, standard procedure involves the following phases:
I. Pre-engagement interactions
II. Information gathering
III. Threat modeling
IV. Exploitation of the vulnerability
V. Post exploitation
VI. Analyzing the vulnerability
VII. Reporting
The initial step is the pre-engagement plan, which contains the penetration test's scope, along with the roles and responsibilities of employees, how they spend their time in the organization, and the utilization of the resources at their disposal. This step also defines the rules of engagement along with the timelines of the main activities, the handling of evidence, legal considerations, technologies and capabilities (Medium, 2019).
The next step is information/intelligence gathering, in which the target machine is investigated to gather enough information. The pen tester chooses and names a target, considers the limitations of the rules of engagement, decides the length of the test, defines the test's final goals, and only then starts gathering information about the target machine. A significant capability for the pen tester is knowing how to learn the important information about the targeted organization before the pen test commences. Additionally, it is essential to make a reasonable effort to learn more about self-explanatory methods and its security position, and how to successfully attack this organization (Red Team Security, 2019). Hence even a small piece of information gathered by the pen tester can generate helpful insights into the important characteristics of the security systems in place.
The following step is the penetration testing itself. It includes an introductory briefing, a technical and administrative meeting, and an executive briefing before the pen test commences on the targeted machine; the test passes through phases such as investigation, vulnerability exploitation, analysis, and appropriate suggestions (Passi, 2019).
Once the pen test is finished, the team documents an in-depth report. This report contains the recognized vulnerabilities and appropriate suggestions. The team then completes the exit briefing, in which team members summarize the identified vulnerabilities, present the results in report form, discuss the implications of the results, and evaluate the result of the security program on the target system and its management structure. Finally, appropriate suggestions are presented. The pen test contains exercises capable of gathering and presenting the target machine's vulnerabilities. Effective tools and methodologies are used to ensure that the task is completed correctly.
1.4 Decision Tree Analysis for Pen Testing
Attack trees are used to categorize the various methods by which an information system can be attacked. In the tree, the root node denotes the attacker's global goal, and the other nodes denote attacks. A node's children refine the goal of that node. The leaves denote attacks that cannot be refined any further (Happiest Minds, 2019).
The Appendix presents the attack tree for gaining unauthorized access to a Linux server. The attacker's global goal is gaining access to the server. The attacker has a set of options: accessing the system directly where the user has not set a password, learning the password, guessing the password, or using a default password that the attacker already knows. The sub-goal of learning the password can be achieved by blackmailing, threatening or bribing the user, or by spying on the user's password. The arc connecting "install the keyboard sniffer" and "receive the sniffer files" is marked AND, which means that each of these sub-goals must be fulfilled. All other arcs in the attack tree are OR, which means that satisfying a single sub-goal is enough (Rapid7, 2019).
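As an added example (not part of the original report), the attack tree described in section 1.4 can be modelled with AND/OR nodes and used to check which attack paths remain open once chosen leaves are mitigated. The node names paraphrase the text, and placing the AND node under spying is an assumption, since the Appendix figure is not shown here.

```python
from dataclasses import dataclass, field

@dataclass
class Node:
    name: str
    gate: str = "LEAF"                      # "OR", "AND" or "LEAF"
    children: list = field(default_factory=list)

# Tree from section 1.4. Node names paraphrase the text; putting the AND
# node under "spy on password" is an assumption (the Appendix is not shown).
TREE = Node("gain access to Linux server", "OR", [
    Node("no password set"),
    Node("learn password", "OR", [
        Node("blackmail user"), Node("threaten user"), Node("bribe user"),
        Node("spy on password", "AND", [
            Node("install keyboard sniffer"), Node("obtain sniffer files")]),
    ]),
    Node("guess password"),
    Node("use default password"),
])

def achievable(node, mitigated):
    """True if the node's goal is still reachable with these leaves mitigated."""
    if node.gate == "LEAF":
        return node.name not in mitigated
    results = [achievable(c, mitigated) for c in node.children]
    return all(results) if node.gate == "AND" else any(results)

def open_paths(node, mitigated):
    """List the remaining attack paths, each as a frozenset of leaf names."""
    if node.gate == "LEAF":
        return [] if node.name in mitigated else [frozenset([node.name])]
    per_child = [open_paths(c, mitigated) for c in node.children]
    if node.gate == "OR":                   # any single child path suffices
        return [p for paths in per_child for p in paths]
    combined = [frozenset()]                # AND: one path from every child
    for paths in per_child:
        combined = [a | b for a in combined for b in paths]
    return combined

if __name__ == "__main__":
    # Constructed control set: technical controls only, no user-facing ones.
    controls = {"no password set", "guess password", "use default password",
                "install keyboard sniffer"}
    print("root still achievable:", achievable(TREE, controls))
    for path in open_paths(TREE, controls):
        print("open path:", " + ".join(sorted(path)))
```

With the constructed control set, the spying branch closes because one leaf of the AND arc is mitigated, while the three OR leaves under learning the password stay open and keep the root goal reachable.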