School Work

Vuln - Task 2

Description
VUT2 Task2 Western Governors University, Subject: Network Security Vulnerability Testing – Permission Needed, Descriptions and Limitations of Selected Tools
INFORMATIONAL MEMORANDUM

To: John Q. Smith, Information Technology Director, City Police Department
From: ., Information Security Associate, City Police Department
Subject: Network Security Vulnerability Testing – Permission Needed

As a result of the media exposure surrounding the City Police Department’s new police chief hire, the data network that supports the department was targeted and compromised. Our examinations, so far, have found that the data integrity of one of our servers has been compromised and a plain text file was placed on the server without our knowledge. Though the extent of the compromise has not yet been fully determined, it is my recommendation that we commission an investigation by a third-party security organization to do a root cause analysis.

In the meantime, our initial response has been decided by management. We will begin a network penetration test on our network infrastructure to identify and exploit any gaping security holes (white hat). Knowing what happened that led to this compromise is of great importance, but of even greater importance is to look for any security flaws we find so that we aren’t compromised again in the immediate future.

To undertake this task of conducting a penetration test to find the holes in our network infrastructure, we will need penetration testing tools. I have decided on the following three penetration testing tools: Aircrack-ng, Nessus and Metasploit.

Descriptions and Limitations of Selected Tools

Aircrack-ng

Aircrack-ng is a group of wireless exploitation tools that allows an attacker to penetrate an organization’s or person’s wireless network. According to Henry Dalziel from concise-courses.com, Aircrack-ng is made up of several different programs that include: aircrack-ng (which can crack WEP and WPA with dictionary attacks), airdecap-ng (which can decrypt WEP or WPA encrypted capture files), aireplay-ng (which is a packet injector), airodump-ng (which is a packet sniffer), and several others. (http://www.concise-courses.com/security/top-ten-pentesting-tools/)

Aircrack-ng is limited to use as an infiltration and wireless network access tool. This limitation makes it good for getting network access to an organization or individual, but other tools would be required to completely penetrate a network.

Nessus

Nessus is a vulnerability scanning tool. It scans a target’s IP and ports against a database of known signatures. When a scan is complete and a match is found, Nessus gives a list of the discovered vulnerabilities. These vulnerabilities can take the form of security holes, default/common passwords, legacy exploits, zero day exploits or even misconfiguration.

Though Nessus has the ability to look for vulnerabilities, its capabilities outside of scanning are limited. Though it does an amazing job at identifying potential attacks against a target, it cannot exploit targets natively. Nessus’s biggest limitation, in my opinion, is its reliance on known signatures to trigger alerts. In other words, it can only find vulnerabilities it specifically has updated information on.

Metasploit

Metasploit is a database of security vulnerability code and tools that helps security professionals and “hobbyists” alike explore and exploit computer weaknesses. Metasploit is one of the most, if not the most, popular security tools used by information security and penetration testers around the world.

Its limitations are that Metasploit has a steep learning curve. For the more complicated exploits, you need to have an understanding of computer logic and knowledge of how to program in a few different languages (Python, C, etc.) in order to get the most out of it.

Performing a network penetration test

By themselves, Aircrack-ng, Nessus and Metasploit do not have enough functionality to complete a penetration test. That is why we will use each of the 3 tools for a specific phase of the entire penetration test.

To begin, I would start with using the Aircrack-ng suite to get network access while outside of the Police Station (war driving). This would allow me a bit of anonymity (reducing my risk of being discovered) while giving me a good chance to crack the WPA2 protection and gain entry into the Police Station’s wireless network.

Assuming everything goes as planned, once I attain network access I would then use the Nessus Vulnerability Scanner to map and search for vulnerable targets. The Nessus scanner is automated and will search out any connected network in order to find banners, server versions, protocols open/running, etc. With this information, Nessus is able to match the discovered servers to profiles it keeps in its database. When a match is found, Nessus will display a report of vulnerabilities based on that discovered server’s information and then rank those vulnerabilities by severity level. The higher the severity, the greater the risk. Those servers with high risks and available exploits are the servers I will attack.

Once the vulnerabilities are exposed, a server with a high likelihood of being compromised will be selected. The selected server should be the highest value target that’s the easiest to exploit; that’s where Metasploit would become useful. I would use the Metasploit Open Source project to find specific relevant exploit tools or code that matches the weakness (discovered by Nessus) in my server. Once I have network access, a target and code to exploit my target, I can change the Metasploit-provided attack scripts to fit the network I want to attack and begin my exploit.

Conclusion

It is my professional recommendation that we move forward with acquiring these 3 testing tools as soon as possible. Our network has been compromised and we have to take decisive yet swift action in order to adopt a more secure network environment.

., Information Security Associate, City Police Department
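The memo's description of signature-based scanning (match banners and versions to a database, rank by severity) and its stated limitation (no signature, no alert) can be seen in a small model. This is an added example, not part of the memo and not Nessus code; the products, signature IDs, hosts and banners are all constructed, and the ranked output is meant as a remediation queue.

```python
import re

# Constructed signature database (hypothetical IDs, not real plugins or CVEs).
SIGNATURES = [
    {"id": "SIG-0001", "product": "ExampleFTPd", "fixed_in": (2, 3, 0), "severity": "critical"},
    {"id": "SIG-0002", "product": "ExampleHTTPd", "fixed_in": (1, 4, 2), "severity": "medium"},
    {"id": "SIG-0003", "product": "ExampleSSHd", "fixed_in": (7, 0, 0), "severity": "high"},
]
SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1}

# Constructed service banners as a scanner might collect them: (host, port, banner).
BANNERS = [
    ("10.0.0.5", 21, "220 ExampleFTPd 2.1.9 ready"),
    ("10.0.0.5", 80, "Server: ExampleHTTPd/1.4.2"),
    ("10.0.0.7", 22, "SSH-2.0-ExampleSSHd_6.9"),
    ("10.0.0.9", 8080, "Server: InHouseApp/0.3"),
    ("10.0.0.7", 80, "Server: ExampleHTTPd/1.2"),
]
BANNER_RE = re.compile(r"([A-Za-z][A-Za-z0-9]+)[/_ ](\d+(?:\.\d+)*)")

def parse_banner(banner):
    """Extract (product, version tuple padded to three parts) or None."""
    m = BANNER_RE.search(banner)
    if not m:
        return None
    version = tuple(int(p) for p in m.group(2).split("."))
    return m.group(1), version + (0,) * (3 - len(version))

def scan(banners, signatures):
    """Return (findings ranked by severity, services no signature could assess)."""
    findings, unassessed = [], []
    for host, port, banner in banners:
        parsed = parse_banner(banner)
        known = [s for s in signatures if parsed and s["product"] == parsed[0]]
        if not known:
            # The limitation the memo names: silence here is not a clean bill of health.
            unassessed.append((host, port, banner))
            continue
        for sig in known:
            if parsed[1] < sig["fixed_in"]:
                findings.append({"host": host, "port": port,
                                 "sig": sig["id"], "severity": sig["severity"]})
    findings.sort(key=lambda f: -SEVERITY_RANK[f["severity"]])
    return findings, unassessed

if __name__ == "__main__":
    ranked, blind_spots = scan(BANNERS, SIGNATURES)
    for f in ranked:
        print(f"{f['severity']:<8} {f['host']}:{f['port']} {f['sig']}")
    for host, port, banner in blind_spots:
        print(f"no signature coverage: {host}:{port} ({banner})")
```

The in-house service on port 8080 produces no finding at all, which is why services without signature coverage need to be tracked and reviewed separately rather than treated as clean.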
