Tactics and Penetration Testing

Overview
Tactics: A procedure or set of maneuvers engaged in to achieve an end, an aim, or a goal.
• Tactics
• Penetration testing
• Methods
• Guidelines

Tactics
• Reconnaissance
• Exploit
• Communication
• Command
• Effect
• Reserve
• Implications

Critical Issues
• What must you defend?
    • Mission of the organization
    • Assets of the organization
• What can you defend?
    • Personnel limitations
    • Information limitations
• What is likely to be attacked?

Reconnaissance
Extend view of the World
• Finding the network: Lookup, DNS, Routes
• Locating key hosts: Services, Public Nodes
• Profiling: Role, OS, Age, Content, Relations, hosts vs. decoys
• Points of Access: Initial and Follow-on
• Points of Vulnerability: technical, procedure
• Points of Exploit: Change State
• Points of Effect: Channel, Target, Cover

Exploit
Methods by which to gain access or elevate privileges
• System type: Service and OS
• End goal: Impersonate, Intercept, Modify, Interrupt
• Jump points: Local, Border, Remote
• Methods: Vulnerability, Action, Reaction
• Evidence: System, Defense, Network

Communication
Transfer of information on progress
• Indicators: External evidence of progress
• Waypoints: Phases of method
• Signaling: Present, Ready, Beacon
• Reporting: Success, Fail, Options
• Transfer: Information, Code, Command

Command
Directing actions of hack
• Manual vs. Automatic: interactive, shells
• Command Channels: application, infrastructure
• Encryption and encoding
• Passive vs. Active
• Intelligence: actions, options, productivity
• Commanding Effects

Effect
Mechanism for advancing hack
• Employ, Corrupt, Install, Reconfigure
• Phased effects
• Split effects
• Delegation, Propagation, Relocation
• Confusion
• Reconnaissance
• Plant the flag, Capture the flag

Reserve
Unused means of attack
• Respond to defenses
• Respond to detection
• Branch points
• Redundancy
• Deception

Implications
• Replicating attacks
• Modifying attacks
• Operational damage
• Mission damage

Penetration Testing
• Identify weakness
• Inform response: Priority, Options, Effectiveness
• Assess security performance
• Communicate risk: “We think we’re really secure.”

Methods
• Appropriate to goal
• Within scenario
• Deception
• Bounded range
• Bounded damage

Guidelines
Agreement on terms of penetration
• Goal
• Constraints
• Liabilities
• Indemnification
• Success and Failure

Goal
• Personnel
• Process
• Technology
• Service
• Readiness
• Exploration

Constraints
• Where applied
• When applied
• Scenario
• Resources: cost, effort, personnel, technology
• Excluded methods

Liabilities
• Technical instability
• Personnel distraction
• Financial dispersion
• Public perception
• Mission disruption

Indemnification
• Authority
• Accountability
• Oversight and Decision
• Reporting
• Information handling
• Non-disclosure