The main goal of penetration testing is to report identified vulnerabilities and to determine how severe they are.
The five steps of penetration testing:
1. Discovery - Gather info about the system you are going to attempt to gain unauthorized access to.
2. Enumeration - Perform scans to find out ways you might be able to accomplish your penetration goals.
3. Vulnerability Mapping - Identify the vulnerabilities you found and document them.
4. Exploitation - Attempt to break into the system.
5. Report to Management - Show them what you found, whether you gained unauthorized access, how severe it is, and what can be done to protect against all of these newly found vulnerabilities.
Monday, December 1, 2014
Chapter 11: Security Operations - Email Security
I found a great article that describes how email works in pretty simple terms:
http://www.howtogeek.com/56002/htg-exp
Here are a few of the email attack methods hackers can use to obtain information:
Browsing - When an attacker is looking for important data but does not know what format it is in.
Sniffing - Uses a sniffer, also known as a network analyzer. When used in the wrong way, sniffers can capture user names and passwords, but the good guys usually use them to diagnose network problems.
Session Hijacking - Using a different IP address from their own in order to take over a session between two computers. They then spy on the connection to see if it is worthwhile to place themselves in the middle of communication between the two machines.
Loki - Utilizes ICMP to enable an attacker to covertly communicate with another system.
Password Cracking - Using software to guess static passwords and gain access to confidential information.
Backdoor - A program that allows attackers to log in, and then come back at a later date without having to supply the appropriate credentials to gain access again.
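An added example, not from the original post or the linked article: Loki-style channels carry data in the payload of ICMP echo messages, so a defender can check echo traffic for behaviour a normal ping never shows. The 64-byte payload baseline, the function names and the sample messages below are assumptions constructed for this illustration.

```python
import struct

ECHO_REPLY, ECHO_REQUEST = 0, 8

def inet_checksum(data):
    """RFC 1071 one's-complement checksum; 0 when run over a valid message."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(icmp_type, ident, seq, payload):
    """Build a constructed ICMP echo message (sample data for this example)."""
    body = struct.pack("!HH", ident, seq) + payload
    csum = inet_checksum(struct.pack("!BBH", icmp_type, 0, 0) + body)
    return struct.pack("!BBH", icmp_type, 0, csum) + body

def inspect(messages, max_payload=64):
    """Return (seq, reason) findings; max_payload is an assumed site baseline."""
    findings, pending = [], {}
    for raw in messages:
        if len(raw) < 8:  # too short to hold an ICMP echo header
            continue
        icmp_type, _code, _csum, ident, seq = struct.unpack("!BBHHH", raw[:8])
        payload = raw[8:]
        if icmp_type not in (ECHO_REQUEST, ECHO_REPLY):
            continue
        if inet_checksum(raw) != 0:
            findings.append((seq, "bad checksum"))
        if len(payload) > max_payload:
            findings.append((seq, "oversize payload"))
        if icmp_type == ECHO_REQUEST:
            pending[(ident, seq)] = payload  # remember what the reply must echo
        elif (ident, seq) not in pending:
            findings.append((seq, "unsolicited echo reply"))
        elif pending.pop((ident, seq)) != payload:
            findings.append((seq, "reply payload differs from request"))
    return findings

PING = b"abcdefghijklmnopqrstuvwabcdefghi"  # constructed 32-byte ping-style payload
SAMPLE = [  # constructed traffic, not a real capture
    build_echo(ECHO_REQUEST, 1, 1, PING), build_echo(ECHO_REPLY, 1, 1, PING),
    build_echo(ECHO_REQUEST, 1, 2, PING), build_echo(ECHO_REPLY, 1, 2, b"constructed-data"),
    build_echo(ECHO_REPLY, 7, 9, b"x" * 8),
    build_echo(ECHO_REQUEST, 1, 3, b"A" * 200),
]

if __name__ == "__main__":
    for seq, reason in inspect(SAMPLE):
        print(f"seq={seq}: {reason}")
```

The first request/reply pair is an ordinary ping and produces no finding; the other three messages each trip one check.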
Chapter 11: Security Operations - Network and Resource Availability
Backup Technologies:
Disk Shadowing - Technology designed by Microsoft. A snapshot is taken of a disk image that can then return a drive to its previous state if need be.
Redundant Servers - Servers that possess the capability of taking over immediately if a primary server fails.
RAID - Redundant array of independent disks. The key here is redundancy. Data is stored across multiple drives but is only seen as one disk. The technique used here is known as striping.
MAID - Massive array of inactive disks. Saves on energy consumption. Drives that do not need to be in use remain powered down until they are called upon.
RAIT - Redundant array of independent tapes. Almost the same as RAID, but uses tape drives instead of disks. An advantage of this is that it is lower cost.
Clustering - The grouping of servers that might be in completely different places, but all of these servers can be managed as a single system.
Backups - Having a way to restore data when something bad happens. Examples include software corruption, hard drive failure, and natural disaster.