Penetration Testing PDF
Document Details
Uploaded by Deleted User
Caribbean Maritime University
Tags
Summary
This document provides a course summary for a Cybersecurity and Digital Forensics BSc. The course covers penetration testing, ethical hacking, and network defense. It also details the objectives and evaluation methods for this program.
Full Transcript
Profile Leonardo Brown ▪ MBA Information Systems ▪ MSc. Cyber Security ▪ BSc. Telecommunications Engineering ▪ GIAC® Penetration Tester (GPEN) ▪ Over 30 Years – ICT/Digital Transformation ▪ Email: [email protected] ▪ Telephone: 876-428-3091 Profile...
Profile Leonardo Brown ▪ MBA Information Systems ▪ MSc. Cyber Security ▪ BSc. Telecommunications Engineering ▪ GIAC® Penetration Tester (GPEN) ▪ Over 30 Years – ICT/Digital Transformation ▪ Email: [email protected] ▪ Telephone: 876-428-3091 Profile Michelle Reid ▪ MSc Teaching ▪ BSc. Human Resource Management ▪ Certified Management Analyst ▪ Email: [email protected] ▪ Telephone: 876-236-0211 CARIBBEAN MARITIME UNIVERSITY Penetration Testing, Ethical Hacking and Network Lecturer: Leonardo Brown, MSc ,MBA, BSc GPEN COUSE SUMMARY Course :BSc. in Cyber Security and Digital Forensics Course Ref :CSD4115 Course Title :Penetration Testing, Ethical Hacking and Network Defence Duration :45 Hours Credits :3 Semester :7 The purpose of this course is to guide students in becoming a skilled security tester. The course is designed to introduce student to the hacking strategies and tactics used by ethical or “White Hat” hackers. Methods of vulnerability exploitation PURPOSE/WHY Open-Source scripting languages and hacking tool kits. By understanding what tools and methods a hacker uses to break into a network, security testers can protect systems from these attacks At the end of this course, you should be able to: Determine what an ethical hacker can and cannot do legally and evaluate credentials and roles of penetration testers. Perform reconnaissance on a target network using a variety of scanning and probing techniques. Describe the different types of malicious software and what damage they can do Enumerate and classify Microsoft and Linux Operating OBJECTIVES Systems vulnerabilities. Take control of Web Servers and wireless networks, and protect them. Evaluate and select cryptography and hashing methods, and perform attacks against them. Select and implement security devices, including routers, firewalls, Intrusion Detection Systems, and honeypots. METHODS OF EVALUATION Coursework 50% Individual Presentation - 10% Group Presentation – 10% Lab/Pop Quiz – 5% Mid-module Examination – 25% Final Examination 50% UNIT ONE Ethical Hacking Overview Describe the role of an ethical hacker Describe what you can do legally as an ethical hacker Describe what you cannot do as an ethical hacker UNIT TWO TCP/IP Concepts Review Describe the TCP/IP protocol stack Explain the basic concepts of IP addressing Explain the binary, octal, and hexadecimal numbering system ETHICAL HACKING OVERVIEW The Mindset of Penetration Testers and Ethical Hackers Overview Successful penetration testers and ethical hackers must maintain a mindset that involves two often contradictory- sounding concepts – Think outside of the box, be pragmatic, do things differently –But at the same time, be thorough, methodical, and careful; take good notes; and make your work repeatable Balance between these two is crucial for success ETHICAL HACKING OVERVIEW To start the session, we need to define some terms so that the terminology is consistently used throughout the rest of the class What is ethical hacking ? How is it associated with penetration testing? How do vulnerability scans and penetration tests differ ? ETHICAL HACKING OVERVIEW Ethical hacking and penetration testing are tools for dealing with threats, vulnerabilities, risks, and exploits. Many people in the information security business throw around these terms interchangeably, often confusing threats with risk or vulnerabilities with exploits. Each has a distinct meaning, though, and the terms should be applied carefully. Threat – is an actor or agent that may want to or actually can cause harm to the target organization. Threats include organized crime, spyware companies, and disgruntled internal employees who start ETHICAL attacking their employer. HACKING Worms and viruses also represent threats because they could cause harm in your organization—even OVERVIEW without a human directing them to do so—by infecting machines and causing damage automatically. ETHICAL HACKING OVERVIEW Vulnerability – is a flaw in the environment that an attacker can use to cause damage. numerous arenas in environments, including architectural design, business processes, deployed software, and system configurations Risk – where threat and vulnerability overlap. That is, a risk occurs when systems have a vulnerability that a given threat can attack. ETHICAL HACKING OVERVIEW Exploit – is the vehicle by which the attacker uses a vulnerability to cause damage to the target system. The exploit could be a package of code that generates packets that overflow a buffer in software running on the target. Alternatively, the exploit could be a social engineering scheme whereby the bad guy talks a user into revealing sensitive information, such as a password, over the phone As security professionals: Work hard to minimize this risk by minimizing vulnerabilities and blocking threats. That's what penetration testing is all about ETHICAL Model the activities of real-world threats to discover find vulnerabilities … and then, in a controlled fashion, HACKING to exploit these vulnerabilities to determine the business risk they pose to the organization … and OVERVIEW Then recommend appropriate defenses. These recommendations must apply in light of the operations environment of the target organization The term hacking means different things to different people: Traditionally, hacking refers to the exploration of technology, trying to understand it at a deep level to ETHICAL manipulate it into doing something that it was not designed to do. HACKING OVERVIEW People started to use the term ethical hacker to refer to individuals who applied the process of breaking into computer systems but with the wholesome purpose of finding security vulnerabilities so that they could be fixed Pulling all this together : ETHICAL HACKING OVERVIEW Ethical hacking: ethical hacking is the process of using computer attack techniques to find security flaws with the permission of the target owner and the goal of improving the target's security. The overall penetration testing process involves preparation, testing, and conclusion phases. Non-Disclosure Agreement (NDA), especially if the test is conducted by a third-party organization. ETHICAL HACKING Rules of Engagement that describe how the testing will occur. OVERVIEW Next, the scope of the test is determined The next step is absolutely crucial. You need to get official, written permission to conduct the test, even if it is against targets in your own organization. Many countries have instituted laws for dealing with crimes committed using a computer, so-called cybercrime laws. ETHICAL As penetration testers and ethical hackers, we want to make sure we carefully adhere to the laws of the HACKING countries in which we operate. OVERVIEW Your Permission Memo (the Get Out of Jail Free Card) is a helpful thing in ensuring that you have the permission of the target organization that owns and operates the systems you will test UNIT TWO TCP/IP Concepts Review Describe the TCP/IP protocol stack Explain the basic concepts of IP addressing Explain the binary, octal, and hexadecimal numbering system IP VERSION 4 (IPV4) HEADER The TTL field is 8 bits long and indicates how many hops this packet can travel before it must be discarded Source IP Address- Where packets are sent from Destination IP Address- Where the packets are sent TCP/IP CONCEPTS REVIEW When you configure the TCP/IP protocol on a Windows computer, the TCP/IP configuration settings require: An IP address A subnet mask A default gateway TCP/IP CONCEPTS REVIEW An IP address is a 32-bit number. It uniquely identifies a host (computer or other device, such as a printer or router) on a TCP/IP network. IP addresses are normally expressed in dotted-decimal format, with four numbers separated by periods, such as 192.168.123.132. TCP/IP CONCEPTS REVIEW For example, the dotted-decimal IP address 192.168.123.132 is (in binary notation) the 32-bit number 110000000101000111101110000100. This number may be The example IP address, then, becomes 11000000.10101000.01111011.10000100. These 8-bit sections are known as octets. TCP/IP CONCEPTS REVIEW The second item, which is required for TCP/IP to work, is the subnet mask. The subnet mask is used by the TCP/IP protocol to determine whether a host is on the local subnet or on a remote network. TCP/IP CONCEPTS REVIEW Example: The subnet mask is 255.255.255.0 In this example. It isn't obvious what this number means unless you know 255 in binary notation equals 11111111. So, the subnet mask is 11111111.11111111.11111111.00000000. TCP/IP CONCEPTS REVIEW If a TCP/IP computer needs to communicate with a host on another network, it will usually communicate through a device called a router. In TCP/IP terms, a router that is specified on a host, which links the host's subnet to other networks, is called a default gateway. TCP/IP CONCEPTS REVIEW END OF PRESENTATION