Slide 1

Team BAM! Scott Amack, Everett Bloch, Maxine Major

Slide 2

Overview What is penetration testing? Who uses it and why? Penetration testing tools Demo

Slide 3

What is Penetration Testing? Goal: identify holes in computer security Penetration testing is identification of vulnerabilities. Penetration testing may or may not include exploitation.

Slide 4

What is Penetration Testing? There are two sources of vulnerabilities to which penetration testing may be applied: Human Physical access to computing systems Untrained / poor decisions Hard to fix Non-human Open/unprotected ports Poor passwords Website vulnerabilities (XSS, etc.)

Slide 5

Who Uses Penetration Testing? Most major companies perform penetration testing on their own services. average loss is $5.5 million (not including value of data stolen!) FICO - continually pen testing Data vulnerability management Market $400.5 million in 2011 $1 billion expected in 2016 (Businessweek) Penetration testing is more than just using tools.

Slide 6

Penetration Testing Penetration tester Kevin Bong developed the Mini Pwner: a computer the size of an Altoids tin. After being plugged into a companys Ethernet port, Mini Pwner: Runs simple scanning tools, Maps a companys network, Creates a VPN connection so a hacker can connect to the routers wifi, and run further exploitation tools. (Forbes, 2012)

Slide 7

Penetration Testing The easiest way to get into a company is still to walk in looking professional and talk your way into a wiring closet - Kevin Bong, Synercomm penetration tester

Slide 8

Penetration Testing Tools Port Scanners Vulnerability Scanners Application Scanners

Slide 9

Penetration Testing Tools Port Scanners Gather info from a test target from a remote network location. They tell us what network services are available for connection Probes each of the targets ports or services Scans both TCP/UDP Probing with TCP allows scanners to find out what OS is running

Slide 10

Penetration Testing Tools Port Scanners Common Port Scanners include Nmap Angry IP Scanner Superscan NetScanTools Unicornscan

Slide 11

Penetration Testing Tools Vulnerability Scanners Tests the vulnerabilities on target system. Not only collects data about ports, it tests the ports.

Slide 12

Penetration Testing Tools Commonly used Vulnerability Scanners Nessus Core Impact Nexpose QualysGuard Retina Nipper SAINT

Slide 13

Penetration Testing Tools Application Scanners Targets web based applications Probes each page of an web-based application and attempts common attacks on each page of the application. Tests for the potential to attack: Buffer overruns Cookie manipulation SQL injection XSS

Slide 14

Penetration Testing Tools Commonly used Application Scanners Appscan Nikto WebInspect w3af Paros proxy WebScarab sqlmap skipfish

Slide 15

The Future of Penetration Testing Idappcom developed software Traffic IQ as an attempt to replace penetration testing companies. Data comes from Sourcefire, McAfee, Juniper, Cisco, etc. Exploits come from Metasploit, Packetstorm and SecurityFocus forums. Can be continually run, rather than snapshot penetration testing. (Just another tool.)

Slide 16

Penetration Test Demo Tool we will use: Nmap Goal: discover and gather information on open ports and vulnerabilities on target systems in this laboratory.

Slide 17

Nmap Demo Recap -sTTCP -sSSYN -sUUDP -sXXMAS -sNNULL

Slide 18

Conclusions Penetration testing must look for both the human and non-human weaknesses of a system. Penetration test your own system before someone else does! Penetration testing tools are useful, but their power is incomplete. Experience is the best tool.

Slide 19

Recap What is penetration testing? Who uses it and why? Types of penetration testing tools Port Scanners Vulnerability Scanners Application Scanners Nmap demo

Slide 20

Questions?

Slide 21

References Nmap http://nmap.org/ Hacker's Tiny Spy Computer Cracks Corporate Networks, Fits In An Altoid Tin http://www.forbes.com/sites/andygreenberg/2012/04/17/hackers-tiny-spy- computer-cracks-corporate-networks-fits-in-an-altoid-tin/ FICO Hacks Itself to Prevent Cybercriminal Attacks http://mobile.businessweek.com/articles/2012-04-03/fico-hacks-itself-to- prevent-cybercriminal-attacks Organisations can stay cyber secure with fixed-price penetration testing http://www.melodika.net/index.php?option=com_content&task=view&id=5 61926&Itemid=55 Idappcom seeks to displace penetration testers http://www.pcworld.idg.com.au/article/362450/idappcom_seeks_displace_p enetration_testers/