Penetration Testing for System Administrators, Sept 13, 2010, Ryan Linn, NCSA Meeting, Thursday, September 23, 2010

Pen test for sys admin



Agenda

• Introduction

• Description of Penetration Testing

• Overview of Process

• Walkthrough of Common Tasks

• Questions/Closing


Introduction

• Information Security Engineer at SAS

• Columnist at EthicalHacker.net

• Contributed code to Metasploit, Browser Exploitation Framework (BeEF), and Nikto

• Spoken at numerous regional and national security conferences


Description of Pen Testing

• Means different things to different people

• Find vulnerabilities and stop

• Find vulnerabilities and verify

• Find vulnerabilities and see how far you can get

• For today: Find vulnerabilities and verify


Overview of Process

• Recon

• Discovery/Scanning

• Enumeration

• Exploitation


Recon

• Non Invasive

• Whois

• Google

• Basic DNS Queries


Discovery/Scanning

• Port Scans

• In-depth DNS queries

• Vulnerability Scanning

• OS Identification


Enumeration

• SMB enumeration

• Oracle DB Enumeration

• User enumeration


Exploitation

• Leverage information gathered

• Verify vulnerability information

• Possibly go back to gather more information if successful


Walkthroughs

• Recon

• Scanning

• Exploitation


Scanning

• Nmap Scans

• Port/Service/OS Identification

• Nessus/OpenVAS

• Vulnerability Scanner

• Safe Checks/Unsafe Checks


Exploitation/Verification

• Metasploit

• Penetration Testing Framework

• Aids in Exploit Development

• Exploitation of Vulnerability

• Also has scanning capability


Docs/Training

• SANS Sec504: Incident Handling

• SANS Sec580: Metasploit Kung Fu for Enterprise Pen Testing

• http://www.offensive-security.com/metasploit-unleashed

• http://www.EthicalHacker.net


Questions?

• Contact Info:

• Twitter: @sussurro

• Blog: blog.happypacket.net

• http://www.ethicalhacker.net
