Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats...
Transcript of Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats...
![Page 1: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/1.jpg)
Internet Service Provider Attack Scenario
MENOG2018
1
![Page 3: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/3.jpg)
Internet Service Provider threats
• Service unavailability
• Data leakage
• Abuse of network resources
Mohammad Reza Mostame – CTO of RNPG 3
![Page 4: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/4.jpg)
Network access through web applications
• Web application vulnerability
1. SQL Injection
2. OS access
3. Privilege escalation
4. Layer 2 network attack
Mohammad Reza Mostame – CTO of RNPG 4
![Page 5: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/5.jpg)
Routers access method
• monitoring software vulnerabilities
• Routers vulnerabilities
• Routers misconfigurations
Mohammad Reza Mostame – CTO of RNPG 5
![Page 6: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/6.jpg)
Attack scenario against Internet Service Provider
• Getting access to the routers and hijack the network traffic
Mohammad Reza Mostame – CTO of RNPG 6
![Page 7: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/7.jpg)
Attack scenario against Internet Service Provider
• BGP hijack
Mohammad Reza Mostame – CTO of RNPG 7
![Page 8: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/8.jpg)
Attack scenario against Internet Service Provider
• Remote File Inclusion’s vulnerability leads to Firewall bypass
Mohammad Reza Mostame – CTO of RNPG 8
![Page 9: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/9.jpg)
Attack scenario against Internet Service Provider
• LDAP Injection attack
• Pass The Hash vulnerability
• Escalate privileges to the administrator in Active Directory
Mohammad Reza Mostame – CTO of RNPG 9
![Page 10: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/10.jpg)
How to secure the Internet Service Provider’s
infrastructure!
Mohammad Reza Mostame – CTO of RNPG 10
![Page 11: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/11.jpg)
First: Identify threats
• Penetration testing can help us to find the threats.
• ISP’s threats divided into 4 sections
1. Web application vulnerability and exploitation
2. Misuse of Network resources
3. Misuse of OS vulnerability
4. Mobile applications threats
Mohammad Reza Mostame – CTO of RNPG 11
![Page 12: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/12.jpg)
Penetration testing benefits
• Preventing Information Loss
• Preventing Financial Loss
• Protect Your Brand in Market
• Essential part of compliance standards or certifications for your business
Mohammad Reza Mostame – CTO of RNPG 12
![Page 13: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/13.jpg)
Second: Secure your business
• Web application hardening
• Network hardening
• OS hardening
• DLP
Mohammad Reza Mostame – CTO of RNPG 13
![Page 14: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/14.jpg)
Web application hardening
• Runtime Application Self-Protection (RASP)
• Web Application Firewall (WAF)
• Secure Software Development Life Cycle (SDLC)
• Database Firewall (DBFW)
Mohammad Reza Mostame – CTO of RNPG 14
![Page 15: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/15.jpg)
Network hardening
• Service hardening
• Device hardening
• Intrusion Prevention System & Firewall
Mohammad Reza Mostame – CTO of RNPG 15
![Page 16: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/16.jpg)
OS hardening
• Application hardening
• Sandbox
• Vulnerability management
• Mandatory Access Control (SE Linux)
Mohammad Reza Mostame – CTO of RNPG 16
![Page 17: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/17.jpg)
Data Loss Prevention
• AD RMS (Active Directory Rights Management Services)
• Host Based DLP
• Network Based DLP
Mohammad Reza Mostame – CTO of RNPG 17
![Page 18: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/18.jpg)
Defense In Depth
Mohammad Reza Mostame – CTO of RNPG 18
![Page 19: Internet Service Provider Attack Scenario · 2018. 4. 26. · Internet Service Provider threats •Service unavailability •Data leakage •Abuse of network resources Mohammad Reza](https://reader035.fdocuments.in/reader035/viewer/2022070218/61243c187b212912c8770c85/html5/thumbnails/19.jpg)
Questions and Answer
• Thanks
http://rnpg.ir
19