Setting Up A Security Lab - By K.V. Prashant



null Bangalore Feb 2010 meet - Setting Up A Security Lab - By K.V. Prashant
How/where to start learning about security? By setting up your own small/cheap lab easily.



  1. Setting Up A Security Lab
     K.V. Prashant

  2. Setting Up A Security Lab
     What is the most common/repeated/annoying (sometimes) question on security forums?
     Ans: I want to be a Hacker...
     How can I be?
     What should I read?
     We will try to address this today.

  3. A Peek Into Malicious World
     (Diagram: Web Server, DB, App Server)
     - Server Side Attacks: Port level attacks, Privilege escalations, Buffer Overflow, SQL Injection, etc.
     - Client Side: Viruses, Malware, XSS, Logical Attacks
     - Network Layer Vulnerabilities: Man In The Middle, Sniffing, Spoofing, Wireless hacking

  4. System/Network Hacking Approach
     Footprinting
     - Information Gathering (Whois, Nslookup, Google Hacking)
     - Locate the network range (Angry IP Scanner, SuperScan)
     Scanning & Service Enumeration
     - OS fingerprinting
     - Detect 'live' systems on the network
     - Detect services running on target systems (Nmap)
     - Detecting vulnerable services (Nessus, LANguard)
     Attack/Hacking
     - Port Level Attacks (Metasploit)
     Spoofing and Sniffing
     - Cain & Abel

  5. Web Application Hacking Approach
     1. Information Gathering
        - Technology used (Java, .NET, PHP), message formats (JSON, XML, name/value)
        - Web server, app server, application firewall
     2. Automated scanning
        - Commercial tools: AppScan, Acunetix, WebInspect, Cenzic, NTOSpider, N-Stalker
        - Open source: w3af, Paros, WebScarab, Burp, Firefox extensions like Tamper Data, Live HTTP Headers, XSSMe, SQLMe
     3. Testing for OWASP top vulnerabilities
        - XSS, SQL…
     4. Test for configuration attacks
        - Web server configuration pages
        - CMS admin pages (Admin/Admins) ;)
        - Logical attacks

  6. Getting Hands Dirty: LAB for system hacking
     Get your network ready…
     - At least 2 machines, preferably a powerful desktop
     - Virtualization software
       - VMware Player
       - Sun VirtualBox

  7. Getting into Business: LAB for system hacking
     Get vulnerable operating systems
     - Unpatched Windows 2000, XP
     - Damn Vulnerable Linux
     - de-ice
     - Hackerdemia
     - pWnOS
     - Ubuntu 7.04
     - Vulnerable Matriux
     Security distros
     - Backtrack
     - Matriux
     - Moth/Lambert
     - Helix (forensic distro)

  8. Getting into Business: LAB for Web-Applications hacking
     Insecure applications
     - WebGoat
     - Hacme tools (Bank, Casino, Books, Travel…)
     - Damn Vulnerable App
     Hands on
     - Older versions of CMS tools like XOOPS, Drupal
     - OrangeHRM
     - Follow the Backtrack mailing list & try to replicate issues…

  9. Road ahead…
     - Simulated network lab
       - Cisco emulators
     - Malware analysis lab
       - Static & behavior-based analysis