itet2 its penetration testing
TRANSCRIPT
- 1. 2010 Spring Morten Bo Nielsen [email protected] Servers and network Penetration testing
2. 2Networks and servers - [email protected] Are you secure? Bad question More correct: Are you secure enough? Use penetration testing 3. 3Networks and servers - [email protected] Penetration test Periodic tests External consultants Test reports Example Don't google for images related to penetration testing 4. 4Networks and servers - [email protected] Movie time Go here . Questions Is this realistic? Implied stuff? What is no told? Easy/difficult? Software used? Attack traces? 5. 5Networks and servers - [email protected] Quick summary, part I FTP server Enumerating Proftpd sql injection vuln. Reverse shell Locating user Database credentials Database server Bypassing non- routing network Firewall hole on port 3306 Reverse shell 6. 6Networks and servers - [email protected] Quick summary, part II Mail server Encrypted tunnel from target Port 445 SMB over TCP Circumvent NX Add privileged user and login user remote desktop 7. 7Networks and servers - [email protected] SQL injection Sidetrack: This is your son's school.. Social engineering attempt?