Penetration testing

Technical workshop about Penetration Testing for BPPT


Published in: Technology

Transcript

  • 1. SECURITY PENETRATION TESTING: INFORMATION SECURITY TECHNICAL TRAINING. AHMAD MUAMMAR !(C)2011 | @Y3DIPS
  • 2. AGENDA: SECURITY ASSESSMENT; VULNERABILITY ASSESSMENT; SECURITY AUDIT; PENETRATION TESTING; VA VS. PENTEST; PENTEST VS. SYSTEM AUDIT
  • 3. AGENDA: PENETRATION TESTING: TYPE, SCOPE (AREA), LIMITATIONS; PENETRATION TESTING METHODOLOGIES; WELL KNOWN STANDARD
  • 4. SECURITY ASSESSMENT: IS A WAY TO VALIDATE/CHECK THE LEVEL OF SECURITY ON EVERY ASPECT OF IT INFRASTRUCTURE. ALSO TO ENSURE THAT NECESSARY SECURITY CONTROLS ARE INTEGRATED INTO THE DESIGN AND IMPLEMENTATION. TO PREPARE FOR BETTER ENHANCEMENT.
  • 5. SECURITY ASSESSMENT, VULNERABILITY ASSESSMENT: A VULNERABILITY ASSESSMENT IS USUALLY CARRIED OUT BY A SECURITY VULNERABILITY SCANNER APPLICATION. MOST OF THESE PRODUCTS TEST THE TYPE OF OPERATING SYSTEM, APPLICATION, PATCH LEVEL, USER ACCOUNTS AND SO ON. VULNERABILITY SCANNERS IDENTIFY COMMON SECURITY CONFIGURATION MISTAKES AND COMMON ATTACK
  • 6. SECURITY ASSESSMENT, SECURITY AUDIT: MOST PARTS ARE CHECKLIST-BASED (CORPORATE SECURITY POLICIES OR REGULATION STANDARDS (ISO) OR PBI). IMPORTANT FOR COMPLYING WITH SECURITY POLICIES, LEGISLATION AND STANDARDS. E.G.: ARE THERE ANY BACKUPS? ANTIVIRUS?
  • 7. SECURITY ASSESSMENT, PENETRATION TESTING: IS WHEN A “HACKER” DOES THE ATTACKER'S WORK. THE ONLY GOAL IS TO GET AS MUCH AS POSSIBLE AND AS DEEP AS POSSIBLE TO BREAK INTO THE SYSTEM.
  • 8. VA VS. PENTEST: VULNERABILITY ASSESSMENT IDENTIFIES THE “POSSIBLE” VULNERABILITIES (ALSO FALSE POSITIVES). PENETRATION TESTING VALIDATES THE VULNERABILITY.
  • 9. PENTEST VS. SECURITY AUDITS: SECURITY AUDITS ARE IMPORTANT FOR COMPLYING WITH SECURITY POLICIES, LEGISLATION AND STANDARDS. PENTESTS COMPLEMENT SYSTEM AUDITS AND HELP TO FIX SECURITY THREATS BEFORE AN ATTACKER DISCOVERS THEM.
  • 10. PENETRATION TESTING: CHECK WHAT SENSITIVE INFORMATION IS AVAILABLE; CHECK WHAT KIND OF PRIVILEGES THE PENTESTER GAINS; CHECK IF IT IS POSSIBLE TO ESCALATE PRIVILEGES; CHECK IF A VULNERABILITY CAN LEAD TO MORE EXPLOITS (ANOTHER APPLICATION, SYSTEM, OR SERVER).
  • 11. PENETRATION TESTING, TYPES OF PENETRATION TESTING: BLACK BOX: 0 INFORMATION ABOUT THE SYSTEM, MAYBE ONLY THE IP/DOMAIN NAME. FULL ATTACKER PERSPECTIVE. GRAY BOX: PARTIAL INFORMATION ABOUT A SYSTEM, SIMULATES AN ATTACK BY EMPLOYEES, VENDORS. WHITE BOX: SIGNIFICANT INFORMATION ABOUT A SYSTEM, SOURCE CODE/CONFIGURATION REVIEW.
  • 12. PENETRATION TESTING: NETWORK INFRASTRUCTURE PENTEST: WIFI, VOIP, TELEPHONE; APPLICATION INFRASTRUCTURE PENTEST: WEB, MOBILE; SYSTEM INFRASTRUCTURE PENTEST; PHYSICAL SECURITY; SOCIAL ENGINEERING (PEOPLE)
  • 13. PENETRATION TESTING, MOST LIMITATIONS: TIME; SKILLED; ACCESS TO EQUIPMENT
  • 14. PENETRATION TESTING, METHODOLOGY: A GUIDELINE FOR SOLVING A PROBLEM, WITH SPECIFIC COMPONENTS SUCH AS PHASES, TASKS, METHODS, TECHNIQUES AND TOOLS
  • 15. PENETRATION TESTING: WELL KNOWN STANDARD
  • 16. PENETRATION TESTING. SOURCE: ISSAF
  • 17. PENETRATION TESTING, INFORMATION GATHERING: USING ALL RESOURCES (INTERNET) TO FIND ALL THE INFORMATION ABOUT THE TARGET, USING TECHNICAL AND NON-TECHNICAL METHODS. SOURCE: ISSAF
  • 18. INFORMATION GATHERING, NON TECHNICAL: SEARCH COMPANY INFO ON SOCIAL NETWORKS: LINKEDIN.COM, FACEBOOK; SEARCH KEY PERSONNEL ACTIVITY: ADMINISTRATOR, PROGRAMMER; GOOGLE HACKING
  • 19. HANDS ON: INFORMATION GATHERING VIA SOCIAL NETWORK; INFORMATION GATHERING VIA GOOGLE HACKING
  • 20. INFORMATION GATHERING, TECHNICAL: USING DIG, NSLOOKUP, WHOIS TO FIND INFORMATION
  • 21. HANDS ON: INFORMATION GATHERING USING DIG; INFORMATION GATHERING USING WHOIS
  • 22. PENETRATION TESTING, NETWORK MAPPING: FOOTPRINT THE NETWORK AND RESOURCES ALREADY GATHERED DURING INFORMATION GATHERING. E.G.: FIND LIVE HOSTS, PORTS AND SERVICES, NETWORK PERIMETER, OS AND SERVICE FINGERPRINTING. SOURCE: ISSAF
  • 23. NETWORK MAPPING TOOLS: NMAP, TRACEROUTE, PING. TRYING NMAP, TRACEROUTE. SOURCE: ISSAF
  • 24. HANDS ON
  • 25. HANDS ON
  • 26. PENETRATION TESTING, VULNERABILITY IDENTIFICATION: IDENTIFY ALL SERVICE VULNERABILITIES (BASED ON VERSION/BANNER), USING VULNERABILITY SCANS; IDENTIFY ATTACK PATHS. TOOLS: NMAP, NESSUS. SOURCE: ISSAF
  • 27. HANDS ON: NMAP -sV (DETECT OPEN PORTS WITH SERVICE INFO (VERSION)); NMAP -O (DETECT POSSIBLE OS)
  • 28. PENETRATION TESTING, PENETRATION: TRY TO GAIN UNAUTHORIZED ACCESS BY CIRCUMVENTING THE SECURITY MEASURES TO GET ACCESS. E.G.: FIND POC, CREATE TOOLS, TESTING. SOURCE: ISSAF
  • 29. PENETRATION TESTING, GAINING ACCESS AND PRIVILEGES: GAINING LEAST PRIVILEGE BY DEFAULT USER OR PASSWORD, DEFAULT SETTINGS, PUBLIC SERVICES; TRY TO ESCALATE PRIVILEGES TO A SUPERIOR LEVEL (ADMINISTRATOR/ROOT) USING/CREATING EXPLOITS OR METASPLOIT (FREE), IMMUNITY CANVAS, CORE IMPACT. SOURCE: ISSAF
  • 30. HANDS ON: USING METASPLOIT; USING LOCAL EXPLOIT TO GAIN HIGHER LEVEL PRIVILEGES
  • 31. PENETRATION TESTING, ENUMERATING FURTHER: OBTAIN PASSWORDS (PASSWORD FILE (/etc/shadow, SAM), USER DATABASE), SNIFFING NETWORK, MAPPING INTERNAL NETWORK. SOURCE: ISSAF
  • 32. HANDS ON: CRACKING PASSWORD FILE
  • 33. PENETRATION TESTING, COMPROMISE REMOTE USERS/SITES: (IF POSSIBLE) TRY TO COMPROMISE REMOTE USERS (VPN USERS) TO GET PRIVILEGES ON THE INTERNAL NETWORK. SOURCE: ISSAF
  • 34. PENETRATION TESTING, MAINTAINING ACCESS: OFTEN NOT PERFORMED; COVERING TRACKS: OFTEN NOT PERFORMED. SOURCE: ISSAF
  • 35. PENETRATION TESTING: VALUE IS IN THE REPORT; PENETRATION TESTING SERVICE LEVEL AGREEMENT; NON DISCLOSURE AGREEMENT; THERE IS ALWAYS A RISK, E.G.: SYSTEM DOWN/CRASH DURING PENTEST, NETWORK SLOWDOWN
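
Slides 8 and 26 note that identifying vulnerabilities from version/banner information yields only “possible” findings. As an added example (not part of the original deck), the Python below parses constructed `nmap -sV` grepable output (`-oG`) and lists open services whose banner is below a version baseline, marking each as unverified; the `MIN_VERSION` baseline, the hosts and the banners are assumptions made up for illustration.

```python
import re

# Constructed sample of nmap grepable output (-oG) from a -sV scan.
# Hosts use documentation addresses; banners are made up for illustration.
SAMPLE_OG = (
    "# Nmap scan initiated (constructed sample)\n"
    "Host: 192.0.2.10 (web01.example.test)\tStatus: Up\n"
    "Host: 192.0.2.10 (web01.example.test)\tPorts: "
    "22/open/tcp//ssh//OpenSSH 5.3 (protocol 2.0)/, "
    "80/open/tcp//http//Apache httpd 2.2.15 ((CentOS))/, "
    "443/closed/tcp//https///\n"
    "Host: 192.0.2.20 (db01.example.test)\tPorts: "
    "22/open/tcp//ssh//OpenSSH 7.4 (protocol 2.0)/, "
    "3306/open/tcp//mysql//MySQL 5.5.60/\n"
)

# Hypothetical internal baseline: lowest (major, minor) version accepted.
MIN_VERSION = {"OpenSSH": (7, 0), "Apache httpd": (2, 4), "MySQL": (5, 7)}


def parse_services(text):
    """Yield (ip, port, proto, service, banner) for every open port."""
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue  # comment lines and "Status:" lines carry no ports
        # Split only where the next entry starts with a port number.
        for entry in re.split(r", (?=\d+/)", m.group(2)):
            f = entry.strip().split("/")
            # Fields: port/state/proto/owner/service/rpcinfo/version/
            if len(f) >= 7 and f[1] == "open":
                yield m.group(1), int(f[0]), f[2], f[4], f[6]


def possible_findings(text):
    """Banner-based candidates only. A distribution build (such as the
    CentOS banner in the sample) may carry backported fixes under an old
    version string, so every entry stays 'unverified' until validated."""
    out = []
    for ip, port, _proto, _service, banner in parse_services(text):
        for product, minimum in MIN_VERSION.items():
            m = re.match(re.escape(product) + r" (\d+)\.(\d+)", banner)
            if m and (int(m.group(1)), int(m.group(2))) < minimum:
                out.append((ip, port, product, banner, "unverified"))
    return out
```
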