NETWORK PENETRATION TESTING

Similar documents
An Introduction to Network Vulnerability Testing

WHITE PAPER. An Introduction to Network- Vulnerability Testing

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

Payment Card Industry (PCI) Data Security Standard

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

PCI Security Scan Procedures. Version 1.0 December 2004

Information Security Organizations trends are becoming increasingly reliant upon information technology in

A Decision Maker s Guide to Securing an IT Infrastructure

NETWORK PENETRATION TESTS FOR EHR MANAGEMENT SOLUTIONS PROVIDER

Using Skybox Solutions to Achieve PCI Compliance

Vulnerability Assessment and Penetration Testing. CC Faculty ALTTC, Ghaziabad

Network and Host-based Vulnerability Assessment

Penetration Testing Service. By Comsec Information Security Consulting

Demystifying Penetration Testing for the Enterprise. Presented by Pravesh Gaonjur

Put into test the security of an environment and qualify its resistance to a certain level of attack.

Cisco Security Optimization Service

State of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD Effective Date: April 7, 2005

Cisco Advanced Services for Network Security

For more information or call

PCI-DSS Penetration Testing

AN OVERVIEW OF VULNERABILITY SCANNERS

Hacking Book 1: Attack Phases. Chapter 1: Introduction to Ethical Hacking

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

Security for NG9-1-1 SYSTEMS

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities

Procuring Penetration Testing Services

YOUR HIPAA RISK ANALYSIS IN FIVE STEPS

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp

Firewalls Overview and Best Practices. White Paper

This chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How

Client logo placeholder XXX REPORT. Page 1 of 37

2012 North Dakota Information Technology Security Audit Vulnerability Assessment and Penetration Testing Summary Report

Why Leaks Matter. Leak Detection and Mitigation as a Critical Element of Network Assurance. A publication of Lumeta Corporation

Information Technology Services

INTRODUCTION: PENETRATION TEST A BUSINESS PERSPECTIVE:

Dedicated and Distributed Vulnerability Management

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB

If you know the enemy and know yourself, you need not fear the result of a hundred battles.

Rapid Vulnerability Assessment Report

The Nexpose Expert System

Firewall implementation and testing

Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology

PCI DSS 3.0 Changes Bill Franklin Executive IT Auditor January 23, 2014

Five keys to a more secure data environment

Using Automated, Detailed Configuration and Change Reporting to Achieve and Maintain PCI Compliance Part 4

Managing Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services

Information Technology Security Review April 16, 2012


PCI DSS Reporting WHITEPAPER

Understanding Security Testing

Vulnerability Assessment Report Format Data Model

Approved 12/14/11. FIREWALL POLICY INTERNAL USE ONLY Page 2

Bendigo and Adelaide Bank Ltd Security Incident Response Procedure

Ethical Hacking Course Layout

Where can I install GFI EventsManager on my network?

BEST PRACTICES. DMZ Virtualization with VMware Infrastructure

Penetration Testing. Security Testing

locuz.com Professional Services Security Audit Services

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Network Segmentation in Virtualized Environments B E S T P R A C T I C E S

Outsource IT Services

Penetration Testing. NTS330 Unit 1 Penetration V1.0. February 20, Juan Ortega. Juan Ortega, juaorteg@uat.edu. 1 Juan Ortega, juaorteg@uat.

Compliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's:

Exam 1 - CSIS 3755 Information Assurance

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency

Effective Software Security Management

PKF Avant Edge. Penetration Testing. Stevie Heong CISSP, CISA, CISM, CGEIT, CCNP

This document was prepared in conjunction with work accomplished under Contract No. DE-AC09-96SR18500 with the U. S. Department of Energy.

Basics of Internet Security

The purpose of this report is to educate our prospective clients about capabilities of Hackers Locked.

DeltaV System Cyber-Security

HP ProLiant Essentials Vulnerability and Patch Management Pack Planning Guide

Computer System Security Updates

Global Partner Management Notice

Analyze. Secure. Defend. Do you hold ECSA credential?

GUIDE TO INFORMATION SECURITY TESTING AND ASSESSMENT

Self Service Penetration Testing

Footprinting and Reconnaissance Tools

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals

Network Security Audit. Vulnerability Assessment (VA)

Extreme Networks Security Analytics G2 Vulnerability Manager

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained

Security solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments.

Hands-on Hacking Unlimited

Worldwide Security and Vulnerability Management Forecast and 2008 Vendor Shares

Using Skybox Solutions to Ensure PCI Compliance. Achieve efficient and effective PCI compliance by automating many required controls and processes

ASDI Full Audit Guideline Federal Aviation Administration

NETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS

Penetration Testing Report Client: Business Solutions June 15 th 2015

Lessons from the DHS Cyber Test Bed Project

Cyber Essentials. Test Specification

Transcription:

Tim West Consulting 6807 Wicklow St. Arlington, TX 76002 817-228-3420 Twest@timwestconsulting.com

OVERVIEW Tim West Consulting Tim West Consulting is a full service IT security and support firm that specializes in project management, network design, implementation, and monitoring, network security compliance and network penetration testings, network administration, and related services. Mr. West has deployed both Windows 2003 and Exchange 2003 to several organizations, varying in size from 50- user organizations to 9,000-user organizations. These rollouts have included the comprehensive design, implementation, and support of Microsoft Active Directory, Windows Servers (both Server and Advanced Server), Exchange 2000 Servers, and XP & Vista workstations. Mr. West currently holds the following Certifications: Novell Master CNE Novell Enterprise CNE Novell Certified Network Engineer Microsoft Certified Professional Microsoft Certified System Engineer Member of the Computer Security Institute Member of the Information Systems Audit and Control Association (ISACA) Certified Ethical Hacker (pending) Certified Information Systems Auditor (pending) Mr. West has worked for companies such as: IBM Raytheon CNA Insurance The Associates (Citicorp) Blue Wireless & Data Inc. Mr. West has personally supported Cooperative Processing Resources for the past 7 years and is fully aware of how its agencies interface with their custom applications and he is ready to bring that level of service to your security needs

TABLE OF CONTENTS TABLE OF CONTENTS Introduction 3 Penetration Testing Overview 3 Step 1: Defining the Scope 4 Step 2: Performing the Penetration Test 5 Step 3: Reporting and Delivering Results 6 Summary 7 Remote Assessment 7 Local Assessment 7

INTRODUCTION INTRODUCTION As electronic commerce, online business-to-business operations, and global connectivity have become vital components of a successful business strategy, enterprises have adopted security processes and practices to protect information assets. Most companies work diligently to maintain an efficient, effective security policy, implementing the latest products and services to prevent fraud, vandalism, sabotage, and denial of service attacks. However, many enterprises overlook a key ingredient of a successful security policy: They do not test the network and security systems to ensure that they are working as expected. Network penetration testing using tools and processes to scan the network environment for vulnerabilities helps refine an enterprise s security policy, identify vulnerabilities, and ensure that the security implementation actually provides the protection that the enterprise requires and expects. Regularly performing penetration tests helps enterprises uncover network security weaknesses that can lead to data or equipment being compromised or destroyed by exploits (attacks on a network, usually by exploiting a vulnerability of the system), Trojans(viruses), denial of service attacks, and other intrusions. Testing also exposes vulnerabilities that may be introduced by patches and updates or by misconfigurations on servers, routers, and firewalls. Tim West Consulting uses proven methodologies and tools to detect vulnerabilities in the enterprise s network, and to then recommend repairs or corrections if necessary. Audit services can be tailored to enterprise s specific needs and include two levels of assessment. As the industry Professional in security services, Tim West Consulting has the expertise, experience, and technology to recognize and detect security vulnerabilities and to provide effective, enterprise-wide solutions for them. Penetration Testing Overview The overall objective of penetration testing is to discover areas of the enterprise network where an intruder can exploit security vulnerabilities. Different types of penetration testing are necessary for different types of network devices. For example, a penetration test of a firewall is different from a penetration test of a typical user s machine. Even a penetration test of devices in the DMZ (demilitarized zone) is different from performing a scan to see if network penetration is possible. The type of penetration test should be weighed against the value of the data on the machine being tested and the need for connectivity to a given service. The penetration testing process has three primary components: Defining the scope Performing the penetration test Reporting and delivering results

PENETRATION TESTING OVERVIEW STEP 1: DEFINING THE SCOPE Before a penetration test can be launched, the enterprise must define the scope of the testing. This step includes determining the extent of testing, what will be tested, from where it will be tested, and by whom. Full-Scale vs. Targeted Testing An enterprise must decide whether to conduct a full-scale test of the entire network or to target specific devices, such as the firewall. It is usually best to do both in order to determine the level of exposure to the public infrastructure, as well as the security of individual targets. For example, firewall policies are often written to allow certain services to pass through them. The security for those services is placed on the device performing those services and not the firewall. Therefore, it is necessary to test the security of those devices as well as the firewall. Some of the specific targets that should be considered for penetration testing are firewalls, routers, Web servers, mail servers, FTP servers, and DNS servers. Devices, Systems, and Passwords In defining the scope of the project, the enterprise must also decide on the range of testing. For example, is it looking only for vulnerabilities that could lead to a compromise of a device, or is it also looking for susceptibility to denial of service attacks? In addition, the enterprise must decide whether it will allow its password file to be hacked by the security team to test it users choice of passwords, and whether it will allow its password file to be hacked by the security team to test its user s choice of passwords, and whether it will subject its devices to password grinding across the network. Remote vs. Local Testing Next, the enterprise must decide whether the testing will be performed from a remote location across the Internet or onsite via the local network. This decision is dictated to a large degree by the targets that are selected for testing and by the current security implementations. For example, a remote test of a machine behind a firewall that hides network address translation for Internet access will fail if the firewall appropriately prevents access to the machine. However, testing the same firewall to see if it will protect users computers from a remote scan will be successful. In-House Vs. Outsourced Testing After the scope of the testing has been determined, the IT team must decide whether to use in-house resources to perform the testing or to hire outside consultants. In-house testing should be chosen only if an enterprise lacks the funds to hire outside consultants, or if the data is so sensitive that no one outside the company should view it. In all other cases, hiring outside consultants is recommended. Outside security consultants are highly trained and have worked with hundreds of different networks bringing specific expertise and broad experience to the testing procedure. Security consultants continuously research new vulnerabilities, invest in and understand the latest security testing hardware and software, recommend solutions for resolving problems, and provide additional personnel for the testing process. Enterprises can leverage the experience and resources of outside security consultants to help ensure thorough, properly executed penetration tests. Section 1

PERFORMING THE PENETRATION TEST STEP 2: PERFORMING THE PENETRATION TEST Proper methodology is essential to the success of the penetration test. It involves gathering information and then testing the target environment. The testing process begins with gathering as much information as possible about the network architecture, topology, hardware, and software in order to find all security vulnerabilities. Researching public information such as Whois records, SEC filings, business news articles, patents, and trademarks not only provides security engineers with background information, but also gives insight into what information hackers can use to find vulnerabilities. Tools such as ping, traceroute, and nslookup can be used to retrieve information from the target environment and help determine network topology, Internet provider, and architecture. Tools such as port scanners, NMAP, SNMPC, and NAT help determine hardware, operating systems, patch levels, and services running on each target device. Once information about all the targets has been assembled, the security engineers use it to configure commercial scanning tools such as ISS Internet Scanner, NAI s CyberCop Scanner, and freeware tools such as Nessus and Satan to search for vulnerabilities. The use of these commercial and freeware tools greatly speeds up the scanning process. After the vulnerability scanning has been completed, the output is examined for false positives and false negatives. Any vulnerability suspected of being false is re-examined or tested using other tools or custom scripts. To test for new vulnerabilities that have not been updated into the commercial or freeware scanners, the security engineers perform additional tests and run recently released exploits. This is necessary because new exploits are released every day, and it may be several weeks or months before these vulnerabilities are included in the vulnerability databases of the automated scanning tools. Once scanning has been performed, the security engineers can test for additional vulnerabilities and denial of service (DOS) attacks. To test for DOS attacks in a production environment, without risking device outage, an enterprise can create a duplicate image of the production device and then place the image on similar hardware for testing. Section 2

REPORTING AND DELIVERING RESULTS STEP3: REPORTING AND DELIVERING RESULTS After completing the penetration testing, security engineers analyze all information derived from the testing procedure. Then they list and prioritize vulnerabilities; categorize risks as high, medium, or low; and recommend repairs if vulnerabilities are found. They may also provide resources, such as Internet links, for finding additional information or obtaining patches to repair vulnerabilities. The final report may include the following parts: As executive summary summarizes the penetration test findings and discloses information concerning both strong and weak aspects of the existing security system. Key points of the test finding are also included. A more technically detailed report of the findings lists information about each device s vulnerabilities; categorizes and prioritizes risks; and makes recommendations about repairs, including providing additional technical information on how to repair vulnerability. Additional information, such as raw scanner output, Whois records, screenshots, and diagrams, as well as relevant RFC s and white papers, is included in an appendix Section 3

SUMMARY AND AUTHORIZAITON SUMMARY Although most enterprises have invested heavily in security products and services to protect their networks and operating systems from malicious or accidental destruction and loss of services and information, many enterprises do not take the critical step of ensuring that these security measures are properly implemented and enforced. Penetration testing is a vital component of a comprehensive security program. By thoroughly scanning and testing the network environment, a properly executed penetration test helps identify vulnerabilities in the network and prevent the loss or compromising of sensitive data. Tim West Consulting Scanning Assessments provide varying levels of penetration testing, depending on the needs of the enterprise. Using solid methodologies and a range of state-of-the-art tools and processes, the Tim West Consulting assessment team leverage it experience and expertise to identify, analyze, and prioritize security vulnerabilities. Working with the enterprise s internal security team, the Tim West Consulting team can develop long-range solutions to provide a comprehensive, scalable, and robust security solution. AUTHORIZATION TO PROCEED Onsite Testing---$5,000 Remote Testing ----$2,500 Tim West Consulting Customer Representative. Summary

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information