A Study on the Security aspects of Network System Using Penetration Testing



Shwetabh Suman (1), Vedant Rastogi (2)
(1, 2) Institute of Engineering and Technology, Alwar, India
(1) shwetabhsuman13@gmail.com, (2) vedantnoki@gmail.com

Abstract

Penetration testing is used to search for vulnerabilities that might be present in a network system. The testing process usually involves simulating different types of attacks on the target machine or network. This type of testing provides an organized and controlled way to identify security problems. Generally, the resources and time required for comprehensive testing make penetration testing cost intensive; consequently, such tests are usually performed only at important milestones. A penetration test is a method of evaluating the security of a computer system or network by simulating an attack from malicious outsiders and/or insiders. Several procedures carried out during penetration tests can be easily automated. This paper addresses the limitations of automated penetration testing by studying its differences from manual testing.

Keywords: Penetration Test, Semi-Automated Testing, Manual Testing

I. INTRODUCTION

The rapid growth of the internet and web technologies has been beneficial to businesses and people. With the rise of new technologies comes the challenge of providing a secure environment for efficient processing. A study conducted by Cisco in 2013 suggests that over 90 percent of IT-based companies have fallen victim to malicious attacks [1]. Security testing is used to build a secure system, but it has been ignored for a long time. It is of utmost importance these days for all IT security people. In today's world, privacy and security have been assigned foremost importance; therefore it is highly recommended to give priority to data and operations security in software applications, which demands urgent attention but is rather ignored.
Therefore, our objective is to introduce developers to the importance of system security, which can be induced by implementing a security testing methodology in the SDLC process to produce a secure software system. So, security testing has been defined from the developer's point of view. It describes the methods that need to be incorporated in the SDLC process to build security features into software. The Software Security Unified Knowledge Architecture not only describes security testing's values and objectives but also provides some developer guidelines for producing a secure software system.

Before a penetration test, certain key issues need to be settled in order to ensure useful and timely results. These include technical requirements such as time constraints; coverage of the full range of threats; the range of IP addresses over which the test is to be conducted; and the systems that are to be attacked, as well as those that are not to be attacked as part of the test, so that normal operation is disrupted as little as possible. Other requirements may include legal and contractual issues, such as liability and informing individuals that the test is taking place. Such requirements can vary depending on the legal structure of the organization or even the host country of the organization.

Shwetabh Suman et al.: A Study on the Security aspects of Network System Using Penetration Testing, p. 19

Network penetration testing is a well-known approach used for security testing. Penetration testing can be a laborious task that relies heavily on human knowledge and expertise, with various techniques employed and an extensive set of tools used in the process. A methodical approach to penetration testing is therefore recommended. The flaw hypothesis methodology, used in this thesis, represents one of the most used models for penetration testing and has great similarities to other penetration testing methodologies and standards used today.

There are a few reasons for an organization to hire a security professional to perform a penetration test. The main reason is that security breaches can be extremely costly. A successful attack may lead to direct financial losses, harm the organization's reputation, trigger fines, etc. With a proper penetration test it is possible to identify security vulnerabilities and then take countermeasures before a real attack takes place. A penetration test is generally performed by people external to the organization responsible for the system under test. Consequently, the testers operate with a different point of view on the system's resources and may be able to identify issues that were not readily visible to internal operators.

II. LITERATURE REVIEW

We have reviewed some earlier efforts to automate the penetration testing process. There are various tools which provide the basis for understanding automated procedures for penetration testing in the context of production environments. A commercial application for automated penetration testing was developed by Core Security Technologies. Core Security's Impact is a GUI-based application designed to ease the work of corporate security teams that need an efficient application to perform penetration testing on their systems [2].
This application automates all phases of a penetration test, from requirement specification to final report generation. The basic concept behind this application is the procedure used by the majority of automated penetration testing tools: it starts by scanning a range of hosts in a network, looking for vulnerabilities for which it has suitable exploits. After exploiting a vulnerability, the application is able to install agents on the affected machines that provide different levels of remote access. These agents can launch additional tests from the new location, allowing the penetration tester to move from host to host within the system under test. The exploits used by this software are constantly updated for end users. The exploit database contains a large number of up-to-date exploits, which gives it the ability to test a wide range of systems. The major drawbacks of Core Security Technologies' software are its high price and the lack of a command line interface.

Another commercial application for automated penetration testing was developed by Immunity Inc. [3]. Immunity's Canvas is a vulnerability exploitation tool that uses the same approach as Core Impact; the only difference is that it provides a lower level of automation and lacks features such as pivoting and automated reporting. The major advantages of this tool over Core Impact are a considerably lower price and a command line interface. As an additional point, this application does not provide fully automated procedures for penetration testing. It is a basic support tool for penetration testers, who can use it to gather information about the system under test and choose appropriate exploits from those provided. Although this tool is able to automate parts of the penetration testing process, its end user must have substantial knowledge of penetration testing and system security.
Fast-Track [4] is a Python-based open-source project built on the Metasploit framework, providing penetration testers with automated tools to identify and exploit vulnerabilities in a network. Fast-Track extends Metasploit with additional features and is composed of several tools concerned with different aspects of a penetration test: MSSQL server attacks, SQL injection, Metasploit Autopwn automation, mass client-side attacks, additional exploits not included in the Metasploit framework, and payload generation.

Existing Tools for Penetration Testing

A few of the most common tools used by security professionals for penetration testing are discussed in this paper. Network Mapper, or Nmap, is a security scanner for computer networks [5]. It is an open-source software application basically used to create a map of a network and to provide a list of hosts with the related services that exist in the network. This tool is often used by professionals for security auditing, since scanning a network might reveal vulnerable services or configurations. Nmap can also be used for network monitoring and inventory. The tool is highly scalable, and this property makes it suitable for scanning large networks. Another tool, Metasploit [6], is a framework for security testing. This exploitation framework provides several tools, utilities, and scripts to execute and develop exploits against targeted remote systems. A variety of different techniques and tools are available for penetration testing; Table 1 lists some of these tools.

Table 1: Comparison of Penetration Testing Tools/Techniques

Tool/Technique | Functions | Availability | Platform | Advantages
Network Mapper (Nmap) [5] | Security auditing; network scanning; port scanning | Open source | Linux, Windows, Mac | Excellent scalability
Metasploit [6] | Works against remote systems; used to test vulnerabilities of computer systems | | All versions of Unix and Windows | A framework with various functions for security scanning on a single platform
Hping [8] | Remote OS fingerprinting; security auditing; testing firewalls and networks | | Windows, OpenBSD, Solaris, Mac OS X | Low-level, scriptable, idle scanning
SuperScan [9] | Detects TCP/UDP ports; determines which services are running on those ports; runs queries | | Windows | Possible to access unauthorized open ports

III. TESTING WORKFLOW

In this work we studied various automated tools for penetration testing. By analyzing the behavior of different tools, a common approach to automated penetration testing emerged.
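As an added example that is not code from the paper or from any tool in Table 1, the script below carries out the first two phases of the common workflow this section describes (collect service information from the hosts, then match it against a vulnerability database) and stops there, handing each match to the analyst as a candidate rather than acting on it. The scan lines are constructed in the style of Nmap's grepable (-oG) output, and the vulnerability database with its EXAMPLE-* labels is constructed, not a real advisory feed.

```python
import re
from dataclasses import dataclass
# Constructed scan results in the style of Nmap's grepable (-oG) output;
# hosts, ports and banners are made up for this example.
SCAN_OUTPUT = """\
Host: 10.0.0.5 ()\tPorts: 22/open/tcp//ssh//OpenSSH 7.2p2/, 80/open/tcp//http//Apache httpd 2.4.18/
Host: 10.0.0.9 ()\tPorts: 443/open/tcp//https//nginx 1.18.0/, 3306/filtered/tcp//mysql///
Host: 10.0.0.12 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1/
"""
# Constructed vulnerability database: product -> [(first_fixed_version, label)];
# versions older than first_fixed_version are flagged. Labels are placeholders.
VULN_DB = {
    "OpenSSH": [((7, 4), "EXAMPLE-SSH-001 (constructed entry)")],
    "Apache httpd": [((2, 4, 20), "EXAMPLE-HTTP-001 (constructed entry)")],
}
HOST_RE = re.compile(r"Host: (\S+) .*?Ports: (.*)")
# -oG port fields: port/state/proto/owner/service/rpcinfo/version/
PORT_RE = re.compile(r"(\d+)/(\w+)/(\w+)/[^/]*/[^/]*/[^/]*/([^/]*)/")
VERSION_RE = re.compile(r"^(.*?)\s+(\d+(?:\.\d+)*)")

@dataclass
class Service:
    host: str
    port: int
    proto: str
    product: str
    version: tuple

@dataclass
class Finding:
    service: Service
    label: str
    # A phase 2 match is a candidate, not a confirmed issue; the analyst decides whether it is a false positive.
    status: str = "candidate: needs manual verification"

def parse_scan(text: str) -> list:
    """Phase 1: turn grepable scan lines into Service records (open ports only)."""
    services = []
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue
        host, ports = m.groups()
        for port, state, proto, banner in PORT_RE.findall(ports):
            if state != "open":
                continue  # filtered/closed ports expose no fingerprintable service
            vm = VERSION_RE.match(banner)
            product = vm.group(1) if vm else banner
            version = tuple(int(x) for x in vm.group(2).split(".")) if vm else ()
            services.append(Service(host, int(port), proto, product, version))
    return services

def match_vulns(services: list, db=VULN_DB) -> list:
    """Phase 2: compare each fingerprinted version against the database."""
    findings = []
    for svc in services:
        for first_fixed, label in db.get(svc.product, []):
            if svc.version and svc.version < first_fixed:
                findings.append(Finding(svc, label))
    return findings

if __name__ == "__main__":
    for f in match_vulns(parse_scan(SCAN_OUTPUT)):
        print(f"{f.service.host}:{f.service.port} {f.service.product} -> {f.label} [{f.status}]")
```

Run as a script it prints two candidate findings for 10.0.0.5; the host running 8.9p1 and the filtered MySQL port produce none.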
The procedure followed by these tools consists of three main phases:

1. Scan the host machines in the network under test to collect all possible information.
2. Identify the vulnerabilities of these hosts by matching the results of the first phase (the scan) with entries in a vulnerability database.
3. Exploit a vulnerability to gain access to a certain resource.

It is difficult to find all vulnerabilities using automated tools. Some vulnerabilities can be identified only by a manual scan. Penetration testers can perform better attacks on an application based on their skills and knowledge of the system being penetrated. Methods like social engineering can be carried out only by manual testing. The manual testing process includes design and business logic review along with code verification. In the next section, tool procedures are compared with the actions manually performed by a penetration tester in a production environment, with the goal of understanding the differences that make manual testing the preferred solution in such environments.

IV. WORK ANALYSIS

In this section we analyze the differences between an aggressive penetration test carried out by most standard automated tools and the process followed by a penetration tester manually testing a system in a production environment. The main difference between the automatic and manual approaches is that vulnerabilities derived from software application flaws are not exploited in production environments. However, such vulnerabilities can still be identified and reported as problems. The first (scanning) phase is common to both approaches and, although slightly different, leads to very similar results that may reveal vulnerable exposed services in the system under test. A professional penetration tester does not necessarily need to exploit these vulnerabilities, but may simply point them out to the client. Some exploits, however, are considered safe to run, and a penetration tester may decide to leverage a safe exploit to gain access to the vulnerable resource. In any production environment, an experienced penetration tester always applies the safest techniques first. Using a combination of automatic tools and manual processes can yield various benefits:

1. In a semi-automated system, all the technical and logical security issues can be identified easily. Technical vulnerabilities can be efficiently identified by an automated tool, while logical vulnerabilities that the automated tool could not identify can be found through the testing professional's analysis.
2. The total volume of false positives can be minimized using a semi-automated system. Software can apply various tests to a network application, and customized error messages and responses can be better analyzed by testing professionals. This reduces the number of false-positive results that would occur if the software were used alone [7].
3. The unique and evolving nature of software applications requires a human to select suitable tests for a particular module, to be applied by the software. In this way large applications can be tested quickly and efficiently. A logged-in state can be maintained using a combination of software and security personnel: if the software is logged out at some point, security personnel can detect it and log in again before the software proceeds to the next test.
4. Software tools can scan remotely without access to the source code. They can quickly crawl through a web system and find all the links associated with that domain. Human interaction enhances this process by carefully mapping the online system and removing bad links.

Since vulnerabilities due to software bugs are usually not exploited, the tester needs to leverage other security issues in order to gain access and start the expansion process.

V. CONCLUSIONS

Penetration testing is a very effective method to analyze the weaknesses and strengths of network systems. Using penetration testing in an organization offers benefits such as protecting company data; companies often take measures to guarantee the availability, confidentiality and integrity of data and to ensure access only for authorized persons. This paper presented a study comparing several security tools implementing penetration testing with manual testing over a network.
We tried to show a robust method for obtaining the best results in securing a network using penetration testing. The goal of this study is to investigate the results of combining the manual and automated approaches into a semi-automated proxy security evaluation tool that automates the security testing of a network while at the same time giving control of the testing process to the test performer. This semi-automated approach, in which the security evaluation tool is maintained with the help of a security analyst, is expected to eliminate the problems that result from using the automated or manual approach alone.

REFERENCES

[1] Aileen G. Bacudio, Xiaohong Yuan, Bei-Tseng Bill Chu, Monique Jones, "An Overview of Penetration Testing," International Journal of Network Security & Its Applications (IJNSA), Vol. 3, No. 6, November 2011.
[2] Farkhod Alisherov A. and Feruza Sattarova Y., "Methodology for Penetration Testing," International Journal of Grid and Distributed Computing, Vol. 2, No. 2, June 2009.
[3] Kumar Shravan, Bansal Neha, Bhadana Pawan, "Penetration Testing: A Review," COMPUSOFT, An International Journal of Advanced Computer Technology, 3 (4), April 2014.
[4] Roning, J., Laakso, M., Takanen, A. & Kaksonen, R. (2002), "Protos: Systematic Approach to Eliminate Software Vulnerabilities," https://www.ee.oulu.fi/research/ouspg/, December 2012.
[5] Potter, Bruce, and Gary McGraw, "Software Security Testing," IEEE Security & Privacy 2.5: 81-85, 2004.
[6] Bhattacharyya, Debnath, and Farkhod Alisherov, "Penetration Testing for Hire," International Journal of Advanced Science and Technology 8, 2009.
[7] Que Nguyet Tran Thi and Tran Khanh Dang, "Towards Side-Effects-free Database Penetration Testing," Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, Vol. 1, No. 1, pp. 72-85.
[8] Smith, Bryan, William Yurcik, and David Doss, "Ethical Hacking: The Security Justification Redux," Technology and Society, 2002 (ISTAS'02), 2002 International Symposium on, IEEE, 2002.
[9] Klevinsky, Thomas J., Scott Laliberte, and Ajay Gupta, Hack I.T.: Security Through Penetration Testing, Addison-Wesley Professional, 2002.