...Megan Patterson IS4560 Monday E1 Class Week 1-Penetration Test Plan June 17, 2013 Attack and Penetration Test Plan Megan Patterson IS4560 Childers June 17, 2013 External Penetration testing tests the security surrounding externally connected systems from the Internet, as well as within a corporate network. Controlled tests are used to gain access to Internet resources and ultimately to the DMZ, which is an internal network; by going through and around firewalls from the Internet. External Penetration Testing involves the finding and exploitation of actual known and unknown vulnerabilities from the perspective of an outside attacker. The External Attack and Penetration testing Process is as follows: * Phase 1-Discovery * Analysis * Footprint * Identify * Phase 2-Services * Ping * Map * Scan * Phase 3-Enumeration * Extract * Collect * Intrusive * Phase 4-Application Layer Testing * Manual * Depth * Blind * Phase 5-Exploit * Attack * Penetrate * Compromise The purpose of the External Attack and Penetration testing plan is to outline on what to do for an external penetration test within a corporate network. The goals for this plan if it is successful, is that to go ahead and deploy whatever the tester is testing after documentation has been written, saved, and reviewed by the IT staff. If the plan is not successful, then the tester needs to go through the steps of retesting the application...
Words: 402 - Pages: 2
...Lab #1 – Attack & Penetration Test Plan Answer Sheet Hacking and Countermeasures 6/28/2013 MR. Walker Ramon B Kreher Jared Long Part 1: Table of Contents 1. Introduction 2. Authorization 3. Preliminary 4. Scope 5. Goals & Objectives 6. Test Plan Reporting 7. Test Plan Reporting 8. Projecting Plan and Schedule Part 2: Sample Authorization Letter The Undersigned hereby testifies that they have proper authority and agrees to offer authorization to perform the work that is specified in the statement of work for the penetration test to be conducted by Security Consulting Inc. The systems to be tested shall not be compromised and any vulnerabilities that are discovered shall be kept confidential unless federal, state, or local law requires that they be disclosed or the statement of work specifies otherwise. This Document also certifies that the undersigned testifies that the Client has sufficient disaster recovery systems and insurance in the event of an incident during or after the test procedures. Part 3: Penetration Test Client Questions If black box is selected, do not fill out question 3 or following sections. 1. Black Box | White Box (please circle one) 2. Intrusive | Non-Intrusive (please circle one 3. Test Credentials: (fill in as many as needed) Username | Password | | | | | | | | | | | | | | | E-Commerce Web-based Application Server 1. Authorized to View Source? Yes | No (please...
Words: 652 - Pages: 3
...Lab 1 Assessment Worksheet Develop an Attack & Penetration Plan 1. List the 5 steps of the hacking process. * Reconnaissance * Scanning * Gaining Access * Maintaining Access * Covering Tracks 2. In order to exploit or attack the targeted systems, the first initial step I would do to collect as much information as possible about the targets prior to devising an attack and penetration test plan would be reconnaissance. I would use passive reconnaissance as this pertains to information gathering. 3. The reconnaissance phase can have many different faces, and depending on the goal of the attacker, various tools and applications can be used. Nslookup can be used to look up all the available host on a network through the DNS server. You can get IP address information of hosts on your targeted network. You can also get the information of the purpose of the hosts. Whois lookup is a protocol that can be used to interrogate the servers operated by regional internet registries which holds information about every IP/Domain registered on the internet. You can get information about your target such as; the name of the owner, address of the owner. IP ranges that a certain IP belongs to, contact information like emails and phone numbers, administrators names and server names. You can also just use your targets web site. Sometimes the targets website can reveal way too much information without realizing it, and just by looking at the information they have...
Words: 1233 - Pages: 5
...Unit 1 Lab Assessment Questions & Answers 1. List the five steps of the hacking process. -Reconnaissance -Scanning -Gaining Access -Maintaining Access -Covering Tracks 2. To exploit or attack the targeted systems, what can you do as an initial first step to collect as much information as possible about the targets prior to devising an attack and penetration test plan? Collect as much information as possible through analysis. You must have all the needed data you can acquire regarding the system, network and applications. This information will be used to generate an appropriate test plan. Using NMAP can provided you with a good network survey. NMAP can provide you information regarding what Operating Systems are running as well as the type of packets, filters and/or firewalls are installed. Review old test results and reports that have been kept with all issues that have plagued the network, this will show you any previous vulnerabilities and allow you to check if a fix was implemented. 3. What applications and tools can be used to perform this initial reconnaissance and probing step? NMAP is that will allow you to collect OS information as well as packets, filters and firewall information. Nslookup will allow you to map an IP to a specified domain. The Domain Name Server (DNS) will give you information on a specific domain that is used to communicate with the network Whois will allow you to profile the organization, this will provide you with the...
Words: 765 - Pages: 4
...Attack Methodology and Countermeasures Strayer University SEC420 Professor Gillen July 24, 2015 Attack Methodology and Countermeasures When most people hear the term “hacker” they think of an evil person committing crimes by hacking into their computers to steal, destroy and/or steal identities. This is so in some cases, but not all hackers are bad. Hackers are merely curious technically skilled individuals who gain unauthorized access to computers, networks of various companies, organizations and individuals. Good hackers are considered white hat hackers. They are the ones, who are hired to break into systems as a way of testing the vulnerabilities and security issues that may be present in the computer system. Consider this: company XYZ, a mid-sized corporation, is in the middle of satisfying their regulatory compliance needs. The manager of security at the company has been tasked by the CIO (Chief Information Officer) to report on the company’s current security posture. If the manager decided to outsource an ethical or white hat hacker in attempt to test their security measures. Over the course of this document various things the third party hacker would need from the company, things he or she would provide to the company and some predictions for the tests. In order to exploit the targeted systems the initial steps to gain as much information as possible about the targets. In this case, the manager is the contact in which questions may be posed. The hacker would...
Words: 1432 - Pages: 6
...Penertation Test? 4 1. Cleint Penetraion Test Request 5 1.2 Scope 5 1.3 Intrusive or Non-Intrusive 5 1.4 Compromise or Non Compromise 5 2. Goals and Objectives 6 3. Penertation testing Methodology 2.1 Penetration test plans 2.2 NIST penertation testing documentation 2.3 Web application penertation testing 2.4 E-commerece penertation testing 2.5 Network penetration testing 2.6 Common tools and applications for peneration testing 7 2.7 Black box testing, grey box testing, Black/grey box testing 2.8 Social engineering testing 7 3. Test Plan 15 3.1 Task 3.1 Reporting 3.1 Schedule 3.2 Limitation of Liability 3.3 End of Testing 3.1 Unanswered Questions 10 3.4 Signatures 8 3.1 Authorization Letter 8 4. Conclusion 11 5. Bibiography 11 Acronyms 22 Appendix A – Test Case Procedures 23 Abstract This document is a proposal with a series of activities undertaken to identify and exploit security vulnerabilities. It helps confirm the effectiveness or ineffectiveness of the security measures that have been implemented. This proposal provides an understanding of penetration testing. It discusses the benefits, the strategies and the mythology of conducting penetration testing. The mythology of penetration testing includes three phases: test preparation, test and test analysis. Key Words: Security Testing, Vulnerability Assessment, Penetration Testing...
Words: 1995 - Pages: 8
...network: • Ubuntu Linux 10.04 LTS Server (TargetUbuntu01) • Apache Web Server running the e-commerce Web application server • Credit card transaction processing occurs • The test will include penetrating past specific security checkpoints. • The test can compromise with written client authorization only. Goals and Objectives John Smith, CEO of E-commerce Sales, has requested that we perform a penetration test on the company’s production e-commerce Web application server and its Cisco network. It is our intention to run various penetration tests at irregular times in order to accurately test security measures that have been put in place. E-commerce Sales will not be aware of any of the penetration measures nor will they be aware of the times that this will be done. Information about the network will be gathered and analyzed for any open network interfaces. Success of the test is determined by determining any potential weaknesses in the network and being able to identify solutions to protect those weaknesses. Failure is determined by the inability to pinpoint any weaknesses in the system or to find weaknesses and not be able to suggest solutions. Tasks During the course of the penetration testing there are several different tasks that we will have to perform. These tasks are listed...
Words: 1705 - Pages: 7
...a. An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. b. Black hat: Hacks systems to do damage, cause harm, or to steal information without a consent. Grey hat: Walks the line between good and evil hacking. These hackers have the potential to be either a white hat hacker or a black hat hacker. White hat: Gets hired by a company to hack into their system to test and see if there are potential weaknesses within the network. c. A malicious user is an individual or group who has the knowledge, skills, or access to compromise a system's security. A malicious user could be a black hat hacker, grey hat hacker, or and white hat hacker. d. Hacking your own system exposes your system’s weaknesses. Once your system’s weaknesses have been fixed, it decreases your chances of a potential threat. e. The goals of an ethical hacker is to use penetration testing methods on the customer’s system. It’s a structure means of investigating, uncovering, attacking and reporting. f. Trojan: Looks innocent, but its meant to cause harm. Malicious attacks: getting hacked. Spyware: is used to gather a user’s personal information. g. Formulate your plan, Execute your plan, Evaluate your results. 2. a. * Track what worked in previous tests and why. * Help prove what you did. * Correlate your testing with intrusion detection systems (IDSs) and other log files if trouble...
Words: 499 - Pages: 2
...FULL BREACH PENETRATION TEST 1. Reconnaissance. a. Establish active and inactive routes into the property. b. Establish Contractor routines (Cleaners, Builders, Electricians, Technician etc) c. Establish Courier routines d. Establish employee routines, (Social Engineering) e. Obtain ID card/s, (Theft or Falsify) 2. Gain entry to the building. (Pretext, Deceit, Employment) a. Establish Office layout b. Establish Sensitive offices (Including ComCen and IT rooms) c. Establish Evacuation routines 3. Acquisition of Intelligence. a. Obtain Hard & Soft Copy Information b. Obtain Top Managerial Personal Information, (Addresses etc) c. (Optional deployment of Ethical Hacking) 4. Disruption/Sabotage a. Insertion of dummy explosive/incendiary devices (Packages, Letter Bombs etc). b. Abduction plan 5. Report The time frame is variable dependent on current security protocols and staff awareness. Client Network Penetration Testing Proposal Document Reference xxx-xxxx-xx Contents 1 Background 3 2 Scope 4 2.1 Types of Attack 4 2.2 Report 5 2.2.1 Executive Summary 5 2.2.2 Technical Report 5 2.2.3 Recommendations 5 2.2.4 Security Policy 5 3 Phase 1 – Internal 6 3.1 Scope 6 3.2 Deliverable 6 4 Phase 2 – Internet 7 4.1 Scope 7 4...
Words: 2185 - Pages: 9
...Malcolm Testing Solution’s Penetration Test Plan Customer: The Fitness Club Introduction: The Fitness Club has already been victim to hacking that took place on their web server. They are unsure if this occurred due to a former administrator who quit or if by an external party. Malcolm Testing Solutions has been tasked with creating a penetration test plan to prevent further acts of attack on the Fitness Club’s network. The objective of the assessment is to provide feedback to The Fitness Club with respect to its ability to preserve the confidentiality, Integrity, and availability of the information maintained by and used by its origination. Malcolm Testing Solutions will test the use of security controls used to secure sensitive data. Services Overview: This project shall include 1 consultant for a time period of 2 days onsite at a single customer location to provide internal penetration test services. Malcolm Testing Solutions will provide tools, knowledge and expertise to execute an internal penetration test on customer designated devices. Malcolm Testing Solutions will attempt to compromise the access controls on designated systems by employing the following methodology: 1. Enumeration – Once Malcolm Testing Solutions has arrived for The Fitness Club’s assessment they will connect to the network via the data port provided by the customer. Once connected, Malcolm Testing Solutions will run a variety of information gathering tools in order to enumerate computers and devices...
Words: 566 - Pages: 3
...Stated, society’s daily lives revolve around social interaction, economic stability, job security and information dominance. Information Dominance is “the degree of information superiority that allows the possessor to use information systems and capabilities to achieve an operational advantage in a conflict or to control the situation in operations other than war while denying those capabilities to the adversary (US Cyber Command, 2012).” Corporations as well as many of the world’s governments have risen and fallen due to their degree of Information Dominance and Information Security. Cyber-attacks have increased exponentially within the last 10 years. Battlefield lines that were once drawn in the sand no longer exist. Cyber-attacks can occur from any location in the world and at any time. A Cyber-terrorist has the ability to use current communication infrastructure to launch an attack that could cripple a nation. In 2012, Defense Secretary, Leon Panetta spoke at the Business Executives for National Security (BENS) summit. He expresses that “An aggressor nation or extremist group could use these kinds of cyber tools to gain control of critical switches," he said. "They could for example derail passenger trains, or even more dangerous trains loaded with lethal chemicals," he said. "They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country. The most...
Words: 3217 - Pages: 13
...Penetration Test vs. Vulnerability Assessment Ø Penetration testing ensures you that your network will not be penetrated by malicious users. Ø Vulnerability Assessment gives an organization the ability to identify potentials for intrusion to their network. Ø Penetration test are more intrusive Reason for Assessement Ø Identify the vulnerability Ø Quantify the vulnerability Ø Prioritizing the vulnerability Internal vs. External Ø Internal assessment shows the vulnerabilities that employees or anyone with access to the internal network and exploit them. Ø External assessments shows the vulnerabilities from someone without direct access to the internal network. Window of Vulnerability Ø Unknown Window of Vulnerability Ø Known Window of Vulnerability Risk Ø Vulnerability Ø Attacks Ø Threats Ø Exposure Risk = Vulnerability x Attacks x Threats x Exposure Risk of Internal Assessment Ø Can’t be truly objective Ø Fair and impartial assessment Management is force to deal with the “fox in the Hen House” problem Steps 1-3 to an Successful Assessment • Understand the consequences • Document Management buy-in • Develop manageable objectives Step 4-6 to an Successful Assessment • Determine method • Plan for disruptions • Develop an assessment in a impactful, yet understandable, way. Qualified and Experienced outside Third Party. Ø Protect yourself with an contract Ø Breadth of experience Ø Currency with the latest technical...
Words: 255 - Pages: 2
...Overview Describe the role of an ethical hacker Describe what you can do legally as an ethical hacker Describe what you cannot do as an ethical hacker Hands-On Ethical Hacking and Network Defense 2 Ethical hackers Employed by companies to perform penetration tests Penetration test Legal attempt to break into a company’s network to find its weakest link Tester only reports findings, does not solve problems Security test More than an attempt to break in; also includes analyzing company’s security policy and procedures Tester offers solutions to secure or protect the network Hands-On Ethical Hacking and Network Defense 3 Hackers Access computer system or network without authorization Breaks the law; can go to prison Crackers Break into systems to steal or destroy data U.S. Department of Justice calls both hackers Ethical hacker Performs most of the same activities but with owner’s permission Hands-On Ethical Hacking and Network Defense 4 Script kiddies or packet monkeys Young inexperienced hackers Copy codes and techniques from knowledgeable hackers Experienced penetration testers write programs or scripts using these languages Practical Extraction and Report Language (Perl), C, C++, Python, JavaScript, Visual Basic, SQL, and many others Script Set of instructions that runs in sequence Hands-On Ethical Hacking and Network Defense 5 ...
Words: 1129 - Pages: 5
...department at Caldwell Community College and Technical Institute within the North Carolina Community College System. Ethical Hacking 3 Ethical Hacking: Teaching Students to Hack The growing dependence and importance regarding information technology present within our society is increasingly demanding that professionals find more effective solutions relating to security concerns. Individuals with unethical behaviors are finding a variety of ways of conducting activities that cause businesses and consumers much grief and vast amounts annually in damages. As information security continues to be foremost on the minds of information technology professionals, improvements in this area are critically important. One area that is very promising is penetration testing or Ethical Hacking. The purpose of this paper is to examine effective offerings within public and private sectors to prepare security professionals. These individuals must be equipped with necessary tools, knowledge, and expertise in this fast growing proactive approach to information security. Following this examination a...
Words: 6103 - Pages: 25
...is in progress and various ethical hacking tools available for organizations. Information is the important source for any organizations while executing business operations. Organizations and government agencies have to adopt ethical hacking tools in order secure important documents and sensitive information (Harold F. Tipton and Micki Krause, 2004). Ethical hacker professionals have to be hired in order to test the networks effectively. Ethical hackers perform security measure on behalf of the organization owners. In order to bring out the ethical hacking efforts perfectly a proper plan must be executed. Ethical hacking has the ability to suggest proper security tools that can avoid attacks on the networks. Hacking tools can be used for email systems, data bases and voice over internet protocol applications in order to make communications securely. Ethical hacking can also be known as penetration testing which can be used for networks, applications and operating systems (Jeff Forristal and Julie Traxler, 2001). Using hacking tools is a best method for identifying the attacks before it effect the entire organization. Ethical hackers are nothing but authorized users for the sensitive information or networks of an organization. Using hacking techniques for handling employees in organization and for solving critical judicial cases is not a crime. An ethical hacker use same tools and actions as performed by normal hacker. The main aspect in ethical hacking is that target permission...
Words: 9223 - Pages: 37