Penetration Testing Scope

Transcription

1 Penetration Testing Scope Discussing the key areas of the Penetration Testing process 4/18/2013 Nz Paper Linux and Web Application Security - nzpaper.blogspot.com Zeeshan Khan

2 2 Abstract: The aim of this work is to point out the key areas of Penetration testing process. The factors defined in this paper should be tested according to predefined strategy. Each factor defined here, requires a separate testing, and fixing them eliminates the maximum weaknesses affecting the overall system security. Keywords: Penetration Testing, Security, Linux Security

3 3 Introduction In this paper, we will try to discuss the scope of penetration testing. It means we will talk about the factors which are subjected to be attacked by hackers. Every factor we will identify here, have their known vulnerabilities and thus have a lot of impact in overall server security. Every attack occurs in one of these areas. Let's discuss them shortly. Operating System The first factor of pen-testing is the Operating System relies on the server. The Microsoft Windows or Open Source Linux, have their known vulnerabilities. Hackers try to code exploits for various flaws they see on Vulnerability Databases. Most flaws are still unexploited but, the hackers or pen-testers with a good knowledge of computer programming, are able to code scripts for each flaw they can understand how to exploit them manually. So this is the first responsibility of a server admin to be aware of his OS, and performs Patch application on a regular basis. Web Server Software Most of the time, systems online will have web servers running on port 80. There may be other services too, like FTP on a Shared Hosting system. Every piece of software has its own list of known flaws, which is the first look of any attacker to assess whether he can exploit any flaw about that software, or it is more happening to look a public code available for the flaw listed. Similarly, software like Web Server (Apache HTTPD) has lots of misconfiguration issues, which may or may not be exploited in proper way But an attacker can use them for gaining various choices like Escape Privileges. Be regular in updating yourself from official bug list of Open Source Tools like Web Server software, and perform a Patch Management Process on a regular basis. Running Services Services running on your server also provide a possible road map for attackers. An unused service running on the server, which accept connections without the validation of the source, may allow anonymous connections which cause the system possible local affection. Similarly, close every service you think is not used frequently. Also scan all the services for possible Bugs they may have listed. Perform a basic scanning for identifying known misconfiguration of every service currently running (using automated tools). And install the port utilities, which provide defensive security against port common attacks.

4 4 Web Applications On Shared Hosting systems, there are lots of websites hosted on a single server. The sites contain different web applications running on them. As every site has its own contents and the way it made on, the attackers can target any website to gain access to your server. Later, the attacker can perform actions to increase his existence in the system. It is better to secure every website you have on the server to avoid possible breaches. Checking them all, for common flaws by testing and verifying is required and, cannot be ignored, even if you secure the other factors all. Installing Packages You should be aware of every tool residing in your system. Always install trusted tools from its trusted sources, also verify the integrity of files before using them. If you need to install a third party package, verify and ensure its validity properly. Above is a list of factors which collectively define the security of a server. Covering the needed knowledge about them, is a hard work, including lots of practical work. It is better to divide security in parts and, implement security steps at the time a specific thing is going to be created first. Almost a good amount of attacks come from the exploitation of common flaws in above systems, so it is better to perform a basic Patch process where needed. Thanks for reading. Conclusion As the system grows up with many resources, the system is more vulnerable to get more weaknesses. There should be a proper understanding of each of the resources in the system and, should be treated well to eliminate the possible occurring threats inside them. The more the system is looked after, the higher security breaches will be avoided.

5 References 1. malwarejake.blogspot.com. Penetration Testing Scope. Malwarejake.blogspot.com Roiter, Neil. Penetration Testing - Top 10 Tips for a Successful Program. Csoonline.com Wikipedia. Penetration Test. Wikipedia coresecurity.com. Penetration Testing Overview. Coresecurity.com. 5