*None of these tools are found on the BackTrack Disk
Heorot.net
Perform Vulnerability Scan
Advantages of Vulnerability Scanners:
○ “Click-and-Go”
○ Basic knowledge of IT and Security
○ Powerful
○ Up-to-date
Disadvantages of Vulnerability Scanners:
○ “Click-and-Go”
○ Basic knowledge of IT and Security
Perform False Positive and False Negative
“False positives refer to non-issues that were incorrectly detected. Accordingly, false negatives refer to existent issues that were not detected during an assessment. In every assessment there is always the risk of any of these being present.”
○ Milw0rm.org
○ Securityfocus.com
○ Cert.org
○ Packetstormsecurity.com
○ National Vulnerability Database
http://nvd.nist.gov/
Metasploit
Vulnerability Scanners
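The reconciliation implied by the quoted definition, as an added example that is not part of the original slides: scanner output is compared with manual verification verdicts, and each finding is classed as a true positive, false positive, false negative or still unverified. The hosts, ports, vulnerability ids and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data. Findings are keyed by (host, port, vulnerability id);
# the hosts use a documentation address range and the ids are placeholders.
SCANNER_FINDINGS = {
    ("192.0.2.5", 80, "VULN-A"),
    ("192.0.2.5", 22, "VULN-B"),
    ("192.0.2.7", 21, "VULN-C"),
    ("192.0.2.9", 443, "VULN-E"),
}
# Manual verification verdicts: True = issue exists, False = it does not.
MANUAL_VERDICTS = {
    ("192.0.2.5", 80, "VULN-A"): True,
    ("192.0.2.5", 22, "VULN-B"): False,   # e.g. fix backported, banner unchanged
    ("192.0.2.7", 21, "VULN-C"): True,
    ("192.0.2.7", 8080, "VULN-D"): True,  # found by hand, missed by the scanner
}

def reconcile(scanner_findings, verdicts):
    """Sort every finding into true/false positive, false negative or unverified."""
    buckets = defaultdict(list)
    for finding in sorted(set(scanner_findings) | set(verdicts)):
        reported = finding in scanner_findings
        verdict = verdicts.get(finding)  # None means nobody has checked it yet
        if verdict is None:
            buckets["unverified"].append(finding)   # never count as confirmed
        elif reported:
            buckets["true_positive" if verdict else "false_positive"].append(finding)
        elif verdict:
            buckets["false_negative"].append(finding)
        # unreported and verdict False is a true negative: nothing to record
    return dict(buckets)

def precision_recall(buckets):
    """Share of reported issues that are real, and share of real issues reported."""
    tp = len(buckets.get("true_positive", []))
    fp = len(buckets.get("false_positive", []))
    fn = len(buckets.get("false_negative", []))
    precision = tp / (tp + fp) if tp + fp else None
    recall = tp / (tp + fn) if tp + fn else None
    return precision, recall

if __name__ == "__main__":
    result = reconcile(SCANNER_FINDINGS, MANUAL_VERDICTS)
    for name, findings in result.items():
        print(name, findings)
    print("precision, recall:", precision_recall(result))
```

False negatives only appear in the result when someone has checked beyond what the scanner reported, so the recall figure is an upper bound limited by how much manual coverage was done.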
Enumerate Discovered Vulnerabilities
Apache / milw0rm Demonstration
Estimate Probable Impact
High Risk Vulnerability
○ “...immediate threat of high and adverse impact on the business critical processes of the target organization”
Medium Risk Vulnerability
○ “...threat of high and adverse impact to non-critical systems in terms of business.”
○ “...no immediate threat nor a big impact and the vulnerability affects critical business systems.”
Low Risk Vulnerability
○ “...the technical and business impact is low.”
Identify Attack Paths and Scenarios for Exploitation
○ Game plan on how to attack the system
○ List of vulnerabilities
○ Threat Level based on Impact to business goals
○ Measures to mitigate vulnerabilities
○ Stopping point
About to move away from “Blue Team” and move into “Red Team”
Hands-On Exercise
Identify Live Hosts
Tools: The Internet
List of Services
○ Version Information
Operating System
○ Version Information
Find known Vulnerabilities
Bugtraq
○ http://securityfocus.com/archive/1
National Vulnerability Database
○ http://nvd.nist.gov/
Find Potential Exploits
milw0rm.org (that’s a “zero”)
Securityfocus.com
Cert.org
Packetstormsecurity.com
Module 5 – Conclusion
Phase II Controls Assessment Scheduling
○ Information Gathering
○ Network Mapping
○ Vulnerability Identification
Identify vulnerable services using service banners
Perform vulnerability scan
Perform false positive and false negative
Enumerate discovered vulnerabilities
Estimate probable impact
Identify attack paths and scenarios for exploitation