Gap Analysis & Security Evaluation
Jason Murray, D.CS
Cornwall-Lebanon SD
www.slideshare.net/jasonmurray72
Goals
• Awareness
• Information Gathering
• Phases of Exploitation
  – Think like a hacker
• Security Gap Analysis Framework
• Demonstrate a few Kali Linux tools
How vulnerable are you?
How easy is it to gather information?
FireForce
sqlmap -u [URL]
What happens if we become a target?
5 Phases of Exploitation
1. Reconnaissance
2. Scanning
3. Gaining Access
4. Maintaining Access
5. Covering Tracks
Reconnaissance
• Target
  – Internal DNS
  – Private Website
  – Dumpster Diving
  – Shoulder Surfing
  – Eavesdropping
Reconnaissance – Whiteboarding
• Phone
• Network
• Websites
• Email
• Google
• WhoIs
• AnyWho
• DNS
• Social Network
• IP Blocks
• Net Blocks
• Web Server Content
• Source Code
• Directories
• Databases
• Search Engines
• URL Analysis
• Google Earth
• People Sites
• Financial Analysis
• Job Sites
• Alert Websites
• Archive Sites
• Web Monitoring
• Google Dorking
Target - Demo
Scanning
• Layer 4 – TCP (flags) & UDP
• Layer 3 – IP (v4 or v6) & ICMP
  – Host
  – Ports & Services
  – Vulnerabilities
  – Diagrams
Scanning - Tools
• DNS Enumeration
• Nikto
• hping3
• Nmap
  – Zenmap
Advanced
• Gaining Access
• Maintaining Access
• Covering Tracks
Avoid Getting Targeted
Security Gap Analysis
Team
• Considerations
  – IT staff
  – Security
  – End Users
    • Teachers
    • Students
    • Community
  – Management
  – Tech savvy & non-savvy
Step 1: Policy, Procedure, & Guideline
• Standards
  – COBIT
  – ISO 27001
Step 1: Policy, Procedure, & Guideline
• Pen Testing Standards
  – Open Web Application Security Project
  – Penetration Testing Execution Standard
  – Open Source Security Testing Methodology Manual
  – Penetration Testing Framework
Step 1: Policy, Procedure, & Guideline
• Who has access/privileges?
  – For how long?
  – Vendors VPN?
  – Retirees/terminations?
  – Logging?
• Updates?
  – Every node?
• Passwords
  – Saved in browser?
  – Frequency of changes?
Step 2: Audit
• Permission
• Scope
  – Physical and/or electronic
• Social engineering
  – Timetable
  – Resources (outsourced/in house)
• Review Framework
  – Following policies (awareness)
• Openings
  – Ports
  – Human Factor
  – Physical equipment
Step 2: Audit
• Device Security
  – Encryption
  – Password
  – Device storage
  – Device on a non-secure network
Step 2: Audit
• Physical Security
  – Access to infrastructure
  – Environmental safeguards
    • Temperature
    • Humidity
  – Protection safeguards
    • Fire
    • Water
Step 2: Audit
• Personnel Security
  – Staff backgrounds
  – Security awareness programs that discourage insider attacks
  – Protection against terminated staff
  – Repercussions of malicious violation of information security
Step 3: Technical Review
• Up to date
  – Software/patches
  – Policies
• Awareness
  – Justification for openings
• Consistency
  – OS, antivirus, update procedures
• Vulnerability/risk management
• Encryption
Step 4: Findings & Prioritization Summary
• Review the findings
• Organize & arrange tasks to fix gaps
  – Electronic
  – Policy, procedures, guidelines
  – Physical
• Update Risk Management Strategy
Questions
Resources
• CIO
• Faulkner Information Services
• Forbes
• Pen Test Frameworks
• Tech Target
• University of Minnesota
• YouSigma
Kali Resources
• Free Education For All (120 lessons)
• JackkTutorials
• Royal Hacks
• Royal Hacks (advanced)
• Kali Linux Tutorials