  • Slides: 18
Tactics and Penetration Testing

Overview
Tactics: A procedure or set of maneuvers engaged in to achieve an end, an aim, or a goal.
• Tactics
• Penetration testing
• Methods
• Guidelines

Tactics
• Reconnaissance
• Exploit
• Communication
• Command
• Effect
• Reserve
• Implications

Critical Issues
• What must you defend?
  – Mission of the organization
  – Assets of the organization
• What can you defend?
  – Personnel limitations
  – Information limitations
• What is likely to be attacked?
IW-Strategy: 4

Reconnaissance
Extend view of the World
• Finding the network: Lookup, DNS, Routes
• Locating key hosts: Services, Public Nodes
• Profiling: Role, OS, Age, Content, Relations, hosts vs. decoys
• Points of Access: Initial and Follow-on
• Points of Vulnerability: technical, procedure
• Points of Exploit: Change State
• Points of Effect: Channel, Target, Cover

Exploit
Methods by which to gain access or elevate privileges
• System type: Service and OS
• End goal: Impersonate, Intercept, Modify, Interrupt
• Jump points: Local, Border, Remote
• Methods: Vulnerability, Action, Reaction
• Evidence: System, Defense, Network

Communication
Transfer of information on progress
• Indicators: External evidence of progress
• Waypoints: Phases of method
• Signaling: Present, Ready, Beacon
• Reporting: Success, Fail, Options
• Transfer: Information, Code, Command

Command
Directing actions of hack
• Manual vs. Automatic: interactive, shells
• Command Channels: application, infrastructure
• Encryption and encoding
• Passive vs. Active
• Intelligence: actions, options, productivity
• Commanding Effects

Effect
Mechanism for advancing hack
• Employ, Corrupt, Install, Reconfigure
• Phased effects
• Split effects
• Delegation, Propagation, Relocation
• Confusion
• Reconnaissance
• Plant the flag, Capture the flag

Reserve
Unused means of attack
• Respond to defenses
• Respond to detection
• Branch points
• Redundancy
• Deception

Implications
• Replicating attacks
• Modifying attacks
• Operational damage
• Mission damage

Penetration Testing
• Identify weakness
• Inform response: Priority, Options, Effectiveness
• Assess security performance
• Communicate risk: “We think we’re really secure.”

Methods
• Appropriate to goal
• Within scenario
• Deception
• Bounded range
• Bounded damage

Guidelines
Agreement on terms of penetration
• Goal
• Constraints
• Liabilities
• Indemnification
• Success and Failure

Goal
• Personnel
• Process
• Technology
• Service
• Readiness
• Exploration

Constraints
• Where applied
• When applied
• Scenario
• Resources: cost, effort, personnel, technology
• Excluded methods

Liabilities
• Technical instability
• Personnel distraction
• Financial dispersion
• Public perception
• Mission disruption

Indemnification
• Authority
• Accountability
• Oversight and Decision
• Reporting
• Information handling
• Non-disclosure