LPTv4 module 40 security patches penetration testing

Penetration Testing Roadmap cont’d Cont’d Security Penetration Testing Penetration testing Penetration Testing Virus and Trojan Detection Penetration Testing Log Management Penetration

Trang 1

ECSA/ LPT

EC-Council

Security Patches Pen etration Testin g e et at o est g

Trang 2

Penetration Testing Roadmap

Start Here

Firewall

Penetration Testing

Router and Switches

Internal Network

IDS

Wireless Network

Denial of Service

Password Cracking

Stolen Laptop, PDAs and Cell Phones

Social Engineering Application

Cont’d

Penetration Testing Penetration Testing

Trang 3

Penetration Testing Roadmap

(cont’d)

Cont’d

Security

Penetration testing Penetration Testing

Virus and Trojan Detection

Log Management

File Integrity Checking

Blue Tooth and Hand held Device

Telecommunication And Broadband Comm nication

Email Security

Security Patches

Data Leakage

End Here

Communication

g

Trang 4

Patch Management

It is a part of system management which involves acquiring,

testing, and installing of patches to an administrated

computer system

Patch management tasks include:

• Maintaining current knowledge of the available patches.

• Deciding what patches are appropriate for the particular systems.

E i h h i ll d l

• Ensuring that patches are installed properly.

• Testing systems after installation.

• Documenting all associated procedures, such as specific

configurations required

configurations required.

Trang 5

Patch and Vulnerability Group

(PVG)

PVG d l ith l bilit di ti ff t lik OS

PVG deals with vulnerability remediation efforts like OS, application patching, and configuration changes

Responsibilities of PVG:

• Conduct testing of patches and non-patch remediation

• Create a database of remediation

Di t ib t i f ti l t d t l bilit d di ti

• Distribute information related to vulnerability and remediation

to the local administrators

• Configure automatic update of applications

• Monitor security sources for vulnerability announcements like Monitor security sources for vulnerability announcements like patch and non-patch remediation

Trang 6

Penetration Testing Steps

1 • Check if organizations have a PVG in place

2 • Check whether the security environment is updated

• Check whether organization use automated patch management tools

3 Check whether organization use automated patch management tools

4 • Check the last dates of patching

5 • Check the patches on non-production systems

6 • Check the vender authentication mechanism

6

7 • Check whether downloaded patches contain viruses

• Check for dependency on new patches

Trang 7

Step 1: Check If Organizations

has a PVG in Place

Vulnerability Group (PVG).

Trang 8

Step 2: Check Whether the Security

Environment are Updated

New types of vulnerabilities may arise with the

installation of new patches.

These new patches may affect the security

environment.

Try any malicious action on the system, and check

whether the security environment such as firewall,

antivirus, and security software tools are updated.

Trang 9

Step 3: Check Whether Organization use Automated Patch Management Tools g

Check whether organizations use automated patch management

UpdateEXPERT.

Trang 10

Step 4: Check the Last Dates of

Patching

Check whether

Ch k th l t the database is

maintained for patching by

Check the last date when a patch was

patching by

Trang 11

Step 5: Check the Patches on

Non-Production Systems

Patches may contain malicious code that affects the system

Before installing on the main system, check whether the patches and

configuration modifications are tested on the non-production systems

Trang 12

Step 6: Check the Vender Authentication Mechanism

Check whether the downloaded patches are checked against any of the authentication methods

The authentication method can be:

• Cryptographic checksums yp g p

• Pretty Good Privacy (PGP) signatures.

• Digital certificates.

Trang 13

Step 7: Check Whether Downloaded

Patches Contain Viruses

Try to download any malicious or virus patch

on the system

Run an anti-virus tool over downloaded virus

patch and check whether anti-virus detects

virus or not

Check whether the virus signature database or

anti-virus program is up to date

Trang 14

Step 8: Check for Dependency of

New Patches

Check whether

there is

dependency

installing new patch

inadvertently

New Patches

between the

patches if installed

sequentially.

inadvertently uninstalls or disables another patch

patch.

Trang 15

Security Checklist for Patch

Management

Organizations should create a patch

and vulnerability group (PVG).

Organizations should use automated

patch management tools.

Download the patches from home site

of the product.

Scan the patches for viruses

Scan the patches for viruses.

Trang 16

Patch Management Tools

Altiris Patch Management Solution

ANSA

BigFix Patch Manager

BindView Patch Management

C5 Enterprise Vulnerability Management Suite

E P t h M

Ecora Patch Manager

eTrust Vulnerability Manager

GFI LANguard Network Security Scanner

Hercules

HFNetChkPro

Trang 17

Patch Management Tools (cont’d)

LiveState Patch Manager ManageSoft Security Patch Management Marimba Patch Management

NetIQ Vulnerability Manager Opsware Server Automation System PatchLink Update

PolicyMaker Software Update Prism Patch Manager

SecureCentral PatchQuest Security Update Manager

Trang 18

Patch Management Tools (cont’d)

Systems Management Server

SysUpdate

UpdateEXPERT

Windows Server Update Services

ZENworks Patch Management

LANDesk Patch Manager

Service Pack Manager

Sitekeeper (Patchkeeper module)

Software Update Services p

Trang 19

Patch management is a part of the system management which

involves acquiring, testing, and installing of patches to an

administrated computer system.

New types of vulnerabilities arise with the installation of latest

h patches

Organizations should create a patch and vulnerability group

(PVG).

Định dạng
Số trang	20
Dung lượng	735,22 KB