Tools for penetration tests
Carlo U. Nicola, HT FHNW
With extracts from documents of: Google; Wireshark; nmap; Nessus.
What is a penetration test?
Goals:
1. Analysis of an IT environment and search for exploitable vulnerabilities.
2. "Simulation" of an attacker's behaviour.
3. The effort spent is an indication of the effort an attacker would have to spend to achieve the same results (i.e. to uncover the same vulnerabilities).
Phases of a penetration test:
(1) Foot-printing: collecting relevant information about the target environment.
(2) Scanning: examining the target networks and hosts in more detail.
(3) Analysis: identifying the systems that will be analysed in detail during the following phase.
(4) Exploitation: demonstrating proof-of-concept or "real" exploits.
(5) Reporting: preparing a written report and an oral presentation, including concrete recommendations.
NS HS11 2
Foot-printing
Foot-printing means collecting the profile of the target from what is openly accessible on the Internet.
What information are we interested in?
A non-exhaustive list:
1. Domain names,
2. Contact persons,
3. Interesting pairs (hostname, IP address) connected with the company's name,
4. IP address blocks,
5. Internal system configurations.
Foot-printing: Domain names and contact persons (items 1 + 2)
The following tools are most useful in this phase:
1. Google (simply type the company's domain name and analyse all additional domains linked to it).
2. whois, as a command on *nixes or as a service via links such as whois.iana.org (query the TLD (Top Level Domain) field, i.e. ch for Switzerland, to find the registry responsible for it). For the .li and .ch TLDs, http://www.nic.ch gives the most authoritative answers.
3. Browsing the company's web page. Use the search function within the company's page with the contact info you extracted from the whois search.
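The whois lookups above return free-form text, and the foot-printing list asks for structured items: domain names, contact persons, hostname/IP pairs and IP address blocks. The script below, an added example that is not part of the original slides, pulls those items out of raw whois output and can optionally drive the local whois client and resolve the hostnames it finds. The key: value layout and field names it expects (the .ch registry "Holder of domain name" block, RIPE "inetnum"/"route"/"person" objects) are assumptions about common registry formats; the sample record, the organisation "Example AG", the handle EA123-RIPE and the block 192.0.2.0/24 are constructed and belong to nobody.

```python
"""Foot-printing helper: turn raw whois text into the items of the slide's list.
Added example, not code from the original slides.  Field names follow common
.ch registry / RIPE conventions (an assumption); SAMPLE_WHOIS is constructed."""
import ipaddress
import re
import shutil
import socket
import subprocess
from dataclasses import dataclass, field

# Constructed sample in the style of a .ch registry answer plus a RIPE
# inetnum object; none of these values belong to a real organisation.
SAMPLE_WHOIS = """\
% This is a constructed sample, not a real whois answer.
Domain name:      example.ch
Holder of domain name:
Example AG
Musterstrasse 1
CH-8000 Zuerich
Name Server:      ns1.example.ch
Name Server:      ns2.example.net
inetnum:          192.0.2.0 - 192.0.2.255
netname:          EXAMPLE-NET
route:            192.0.2.0/24
admin-c:          EA123-RIPE
person:           Erika Muster
e-mail:           hostmaster@example.ch
"""

KV_RE = re.compile(r"^([A-Za-z][A-Za-z0-9 _-]*?)\s*:\s*(.*?)\s*$")
HOST_RE = re.compile(r"\b(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z]{2,}\b", re.I)
MAIL_RE = re.compile(r"[\w.+-]+@(?:[a-z0-9-]+\.)+[a-z]{2,}", re.I)
CIDR_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3}/\d{1,2})\b")
RANGE_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\s*-\s*(\d{1,3}(?:\.\d{1,3}){3})\b")
CONTACT_KEYS = {"person", "role", "admin-c", "tech-c", "registrant name", "holder"}


@dataclass
class Footprint:
    domains: set = field(default_factory=set)       # every hostname seen in the text
    name_servers: set = field(default_factory=set)
    contacts: set = field(default_factory=set)      # names, handles and e-mail addresses
    ip_blocks: set = field(default_factory=set)     # ipaddress.IPv4Network objects


def parse_whois(text: str) -> Footprint:
    """Extract the foot-printing items from raw whois output."""
    fp = Footprint()
    want_holder = False                              # next line holds the .ch domain holder
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("%", "#")):  # registry comment lines
            continue
        fp.domains.update(h.lower() for h in HOST_RE.findall(line))
        fp.contacts.update(m.lower() for m in MAIL_RE.findall(line))
        for lo, hi in RANGE_RE.findall(line):        # RIPE-style "a - b" ranges
            fp.ip_blocks.update(ipaddress.summarize_address_range(
                ipaddress.ip_address(lo), ipaddress.ip_address(hi)))
        for cidr in CIDR_RE.findall(line):           # route: objects in CIDR notation
            fp.ip_blocks.add(ipaddress.ip_network(cidr, strict=False))
        kv = KV_RE.match(line)
        if kv is None:                               # continuation line (address etc.)
            if want_holder:
                fp.contacts.add(line)                # organisation named after "Holder of domain name:"
                want_holder = False
            continue
        key, value = kv.group(1).lower(), kv.group(2)
        want_holder = key.startswith("holder") and not value
        if key in ("name server", "nserver") and value:
            fp.name_servers.add(value.lower())
        elif key in CONTACT_KEYS and value:
            fp.contacts.add(value)
    return fp


def other_domains(fp: Footprint, base: str) -> set:
    """Hostnames outside the company's own domain: the 'additional domains
    linked to it' that the Google step asks for (here: a foreign name server)."""
    base = base.lower()
    return {d for d in fp.domains if d != base and not d.endswith("." + base)}


def resolve(hostnames) -> dict:
    """(hostname, IP address) pairs via DNS; needs network access."""
    pairs = {}
    for host in sorted(hostnames):
        try:
            pairs[host] = socket.gethostbyname(host)
        except socket.gaierror:
            pairs[host] = None
    return pairs


def live_whois(query: str) -> str:
    """Run the local whois client (assumes a 'whois' binary on PATH); '' if absent."""
    if shutil.which("whois") is None:
        return ""
    return subprocess.run(["whois", query], capture_output=True,
                          text=True, timeout=30).stdout


if __name__ == "__main__":
    import sys
    query = sys.argv[1] if len(sys.argv) > 1 else ""
    fp = parse_whois(live_whois(query) if query else SAMPLE_WHOIS)
    base = query or "example.ch"
    print("domains:      ", sorted(fp.domains))
    print("name servers: ", sorted(fp.name_servers))
    print("contacts:     ", sorted(fp.contacts))
    print("ip blocks:    ", [str(n) for n in sorted(fp.ip_blocks)])
    print("other domains:", sorted(other_domains(fp, base)))
    if query:
        print("hostname/IP:  ", resolve(fp.domains))
```

Run without arguments to parse the constructed sample offline; with a domain argument it calls the local whois client and resolves the hostnames it found. Registries differ in field names and many now redact registrant details, so treat the key list as a starting point to adapt per registry rather than a complete parser.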
A versatile test tool: Google