JMU Gen Cyber Boot Camp Summer 2015 Introduction
JMU Gen. Cyber Boot Camp Summer, 2015
Introduction to Reconnaissance
• Information gathering
  – Social engineering
  – Physical break-in
  – Dumpster diving
• Scanning
  – Modems/Wireless Access Points
  – Hosts
  – Network hardware
  – Services
  – Vulnerabilities
JMU Gen. Cyber Boot Camp © 2015 JAMES MADISON UNIVERSITY

Reconnaissance – Step 1
• Information gathering – investigate the target using publicly-available information
• Analogy: a bank robber “casing the joint”
  – Visit the bank
  – Note times employees (especially security guard) arrive and leave
  – Note location of security cameras, guards, safe, etc.
  – Determine make and model of alarm system and safe; research them
  – Plan the robbery
  – Plan getaway route

Information Gathering
• Prior to launching an attack, skilled computer attackers often try to learn as much as possible about:
  – The systems and networks they plan to attack
    • Hardware and software
    • Topology
    • Typical operation
  – Owners, users, and administrators

Tools for Information Gathering
• The Web
  – Target organization’s web site may contain:
    • Employee contact information and phone numbers
    • Business partners
    • Technologies in use
  – Other information about the target:
    • Search engines
    • Customers and business partners
• Whois databases
• ARIN
• DNS servers

Goals of Information Gathering
• Determine:
  – What is available to steal/deface/shutdown?
  – What avenue of attack is most likely to succeed?
  – What are the chances of getting caught?
  – Etc.

Social Engineering
• Deceiving people into revealing sensitive/useful information
• May be attempted:
  – In person or remotely (e.g. phone, e-mail, etc.)
  – Once or over a period of time
• Can result in:
  – Sensitive information
  – Unauthorized access
  – Passwords
  – Etc.

Social Engineering from The Master
• The Art of Deception by Kevin Mitnick

Social Engineering - Examples
• A “new employee” calls the help desk to get help with a particular task
• An “angry manager” calls a lower-level employee because the manager’s password has suddenly stopped working
• An “administrator” calls an employee because there is something wrong with the employee’s account
• An “employee” in the field calls to get a remote access phone number

Defenses Against Social Engineering
• Policies
  – Information that should never be divulged over the phone
  – Procedures for maintenance, password resets, etc.
• User education

Social Engineering Examples
• Lottery Tickets
• Inheritance from Africa
• I Love You Virus
• Disk Space Over Quota
• Bank Account Suspicious Activity
• Bank Account updating system

Physical Break-ins
• An attacker might show up at an organization and attempt to:
  – Physically access computer systems
  – Install malicious hardware or software
  – Steal sensitive documents, storage media, or a computer system
  – Etc.

Defenses Against Physical Break-ins
• Policy
  – Locks
  – Alarms
  – Badges
  – Guards
• User education

Dumpster Diving
• What might an attacker be able to find by going through the trash?
  – Old versions of sensitive documents or e-mail
  – Discarded disks, tapes, and other media
  – Post-it note with a username and password
  – Etc.

Defenses Against Dumpster Diving
• Policy
  – Paper shredders
  – Media cleansers
  – Special trash cans for sensitive material
• User education

Reconnaissance – Step 2
• Scanning – many tools are available to automate the search for:
  – Modems
  – Hosts
  – Network hardware
  – Services
  – Vulnerabilities

War Dialers
• Obtain a range of phone numbers used by the target organization
  – Phone book
  – Web
  – Social engineering
• A war dialer is a program that will dial each number and record whether or not a modem answers (ever seen War Games?)

War Dialers (cont)
• Once modems are found:
  – Nudging – send characters to modem and note the reply (hopefully a banner)
  – Look for modems which do not require passwords
  – For those that do require passwords, try some guesses
• Finding modems can be very valuable:
  – Can give remote (sometimes privileged) access to networks and systems
    • PCanywhere, LapLink, ControlIT
  – Completely bypass Internet gateways and firewalls

Defenses Against War Dialers
• Policies
  – Who can have a modem?
  – How will it be secured?
  – How can employees remotely access their systems?
• Periodic checks for compliance
• User education

WarDriving/WarBiking/WarWalking
• Search for accessible wireless networks
• Examples:
  – Kismet (http://www.kismetwireless.net/)
  – NetStumbler (http://www.stumbler.net/)
• Defenses
  – Policy
  – Periodic compliance checks
  – User education

Reconnaissance - Summary
• Information gathering
  – Social engineering
  – Physical break-in
  – Dumpster diving
• Scanning
  – Modems
  – Wireless Access Points
• User Education!