Steps for Broadband Communication Penetration Testing g • Check whether the firewall device is installed on the network.. Step 1: Check Whether the Firewall Device is Installed on Networ
Trang 1/ ECSA/ LPT
Telecom m un ication an d Broadban d Com m un ication Pen etration Testin g
Trang 2Penetration Testing Roadmap
Penetration Testing
Internal Network
Penetration Testing
IDS
Penetration Testing
Wireless Network
Penetration Testing
Denial of Service
Penetration Testing
Trang 3Penetration Testing Roadmap
War Dialing VPN
Penetration Testing
Log Management
Penetration Testing
File Integrity Checking
Blue Tooth and Hand held Device
Penetration Testing
Telecommunication And Broadband
C ni ti n
Email Security
Penetration Testing
Security Patches
Penetration Testing
Trang 4Broadband Communication
Employees connected to the corporate and government networks via
broadband communication are a threat.
Trang 5Risk in Broadband Communication
“Always on” broadband connections serve as a medium for attackers to
attack home computers and networks
attack home computers and networks
Internet connection involves a risk of unauthorized access
For dial-up connections, ISP provides a different IP address for each
login
High speed of downloading feature benefits the attacker to download
information from the system within minutes
Virus or Trojans are uploaded to the targeted systems at high speed
Malicious software can steal confidential information, and thus launch
Malicious software can steal confidential information, and thus launch
DoS attacks
Trang 6Steps for Broadband Communication
Penetration Testing g
• Check whether the firewall device is installed on the network
1 Check whether the firewall device is installed on the network.
2 • Check whether web browsers are properly configured
3 • Check for operating system configuration options
Trang 7Step 1: Check Whether the Firewall Device
is Installed on Network
Ch k h th th fi ll i i t ll d th t k t
Check whether the firewall is installed on the network or not.
All the home networks connected to the corporate network via
broadband connection should install the firewall.
Trang 8Step 1: Check Whether the Firewall Device
is Installed on Network (cont’d) ( )
• Check whether personal and hardware firewalls are installed
1.1 Check whether personal and hardware firewalls are installed.
Check hether these fire alls pre ent intr ders or detect an 1.2
• Check whether these firewalls prevent intruders or detect any rogue software
1.3 • Check whether the logging is enabled on the firewall.
Trang 9Step 1.1: Check Whether Personal and
Hardware Firewall are Installed
A personal firewall installed on the system provides security to
the user’s system.
A hardware firewall placed between the broadband connection
and the network provides more security to the network.
Check whether personal and hardware firewall are installed or
not
not.
Trang 10Step 1.2: Check Whether These Firewall Prevent Intruders or Detect Any Rogue
Software
Check whether these firewalls prevent intruders or detect the p
software sending important data the from the company’s network
to an external system
Try to send any known harmless virus or Trojan into the
network, and check whether the firewall is active or not.
Trang 11Step 1.3: Check Whether the Logging is
Enabled on the Firewall b
Check whether the logging is enabled/disabled on the
firewall.
If the logging is disabled, intrusion attempts will go
unnoticed.
Trang 12Step 1.4: Check Whether the Firewall
is in Stealth Mode
Ch k h fi ll fi i d h h h fi ll i
Check the firewall configuration, and see whether the firewall is
in stealth mode.
If it is in stealth mode, the system hides the targeted system and
does not respond to the selective port scanning.
Trang 13Step 2: Check Whether Web Browsers are Properly Configured
2 1 • Check whether the browser has default configuration.
2.1
2.2 • Check for the browser plug-ins.
2.3 • Check whether the active code is enabled.
2.4 • Check whether the browser version is updated
2.5 • Check whether the cookies are enabled
• Check whether the scripting languages are enabled2.6 • Check whether the scripting languages are enabled.
Trang 14Step 2.1: Check Whether the Browser
has Default Configuration g
Check whether the security
level of the web browser is
set at default level.
Improper or default
configuration of a web
browser may make it
vulnerable to attacks.
Trang 15Step 2.2: Check for the Browser
Plugins
Browser plug-ins should be limited to only those required by
th d
the end user.
Browser plug-ins are vulnerable to attack p g
Check whether the installed plug-ins are from trusted sites.
Trang 16Step 2.3: Check Whether Active
Code is Enabled
Check whether the ActiveX controls are enabled or disabled.
Trang 17Step 2.4: Check Whether the Browser
Version is Updated p
Check whether the browser is latest and secure
Check whether the automatic update option is on or not
Trang 18Step 2.5: Check Whether the
Cookies are Enabled
Check whether the cookies are enabled or not
Check whether the cookies are enabled or not.
Try to read the cookies from the browser
Try to read the cookies from the browser.
Use some tools such as cookie viewer to view the content of
the cookies.
Trang 19Step 2.5: Check Whether the
Cookies are Enabled
Trang 20Step 2.5: Check Whether the
Cookies are Enabled
Trang 21Step 2.6: Check Whether the Scripting Languages are Enabled p g g g b
Scripting languages are
vulnerable to attacks.
Check if the scripting options
are enabled or not.
Trang 22Step 3: Check for Operating System
Trang 23Step 3.1: Check Whether Operating System and Application Software are Updated pp p
Check whether the operating
system and application
software are of latest version
software are of latest version.
Use of old and unsecure
version may be vulnerable to
attack.
Trang 24Step 3.2: Check Whether the File and Printer Sharing Option is Enabled g p b
Ch k h th th fil d i t h i ti i bl d
Check whether the file and printer sharing option is enabled
Go to the control panel and check the printer and hardware optionå
Printer and Faxeså select any printer, right-click, and select
Sharing.
Try to access the file and printer available in the network
Trang 25Step 3.3: Check Whether the Anti-Virus Programs are Enabled
Check whether the anti-virus programs are enabled or not.
Send any virus program over the system, and check
whether the anti-virus is active or not.
Trang 26Step 3.4: Check the Configuration
of Anti-Virus Program
Check the configuration of the anti-virus program
Check the configuration of the anti virus program.
Configure these software so that they will scan all incoming files
Trang 27Step 3.5: Check Whether
Anti-Spyware are Enabled
Send any spyware program in the system and check y py p g y
whether anti-spyware is enabled or not.
Trang 28Step 4: Check for Wireless and other
• Try to perform war driving
Trang 29Step 4.1: Check for VPN Policy
Configurations
See for VPN policy configurations as these are pre- p y g p
configured with the needs of an organization
Check for the policies related to encryption, message
authentication code, and selective or total protection
Trang 30Step 4.2: Try for Wiretapping
Try to tap the wireless communication
Use wiretapping tools such as Wiretapping Professional Wire Tap Pro
etc
Trang 31Step 4.3: Try to Perform War
Driving
Try to perform war driving with different war driving tools such as
aerosol, airfart, and airsnarf on the wireless network
Search for targeted wireless networks using third-party tools equipped
with a computer, laptop, or a PDA
Trang 32Step 4.4: Check Whether the Wireless Base
Station is at Default Configuration g
Check if the configurations of wireless base station are default ones if so
• Connecting to the telecommuter’s base station
base station are default ones, if so, attack by:
• Intercepting and monitoring the traffic
• Hijacking existing sessions and launching DoS attacks
• Attacking other wireless clients by bypassing the base station
Trang 33Step 4.5: Check Whether WEP is
Run the NetStumbler tool to showcase
the implementation of wireless
network.
It shows whether the network is using
WEP or not.
If WEP is present, it shows the circle to
the left of the MAC address that has a
picture of a small lock inside it.
Trang 34Step 4.6: Try to Crack the WEP
Key
Try to crack the WEP key.
Use some WEP key cracking tools such as:
• Aircrack
• WEPCrack.WEPCrack
Trang 35Step 4.7: Try to Crack the SSID
Password
Try to crack the SSID password y p
Try different password cracking tools such as John the Ripper, Passwd+, and L0phtCrack to crack the SSID password
and L0phtCrack to crack the SSID password
Enter Password
Trang 36Step 4.8: Check Whether the Simple Network Management Protocol (SNMP) is
Trang 37Guidelines for Securing Telecommuting
and Home Networking Resources g Install and configure a good network firewall g g
Configure web browsers to reduce vulnerability
Active code should be used in conjunction with trusted sites
Configure operating system to increase security
Use encryption for transmitting and storing data
Select secure wireless or other networking technologies
Trang 38Guidelines for Securing Telecommuting and Home Networking Resources (cont’d) g ( )
Use additional encryption beyond WEP
Use add t o a e c ypt o beyo d W
Keep the strong password for SSID
Disable SNMP on wireless base station and wireless client
Disable file and printer sharing
Trang 39Internet connection involves a risk of unauthorized access
Malicious software can steal confidential information and thus launch
DoS attacks
Use additional encryption beyond WEP
Use encryption for transmitting and storing data
Use encryption for transmitting and storing data