Penetration testing

Network Security

Group 17-MM03A

PREFACE

Today, the computer network is a concept familiar to almost everyone, and it holds an especially important place for businesses. With the strong growth of networked systems such as the Internet, e-commerce systems, and information systems in agencies and enterprises, network administration and security have become essential. How do we design an optimal computer network for each organization or business, and how do we keep that network running well with a high level of security? To move toward a safe, highly reliable information society in which network services and utilities can be deployed to serve social, political and military life, network administration and security must be weighed and given their proper importance.

By taking the viewpoint of a hacker, the Penetration Testing technique helps secure the network of an organization or business in the best possible way.

TABLE OF CONTENTS

CHAPTER 1: Overview of Network Security
1.1. What is network security?
1.2. Technical characteristics of network security
1.3. Assessing threats, system weaknesses and types of attack
1.3.1. Threat assessment
1.3.2. Network vulnerabilities and weaknesses
1.3.3. Types of attack
1.3.4. Measures for detecting that a system has been attacked
CHAPTER 2: INTRODUCTION TO PENETRATION TESTING
2.1. The concept of penetration testing
2.1.1. What is penetration testing?
2.1.2. Security assessment
2.1.3. Limitations of security assessment
2.1.4. Points to note
2.1.5. Why penetration testing is needed
2.1.6. What should be tested?
2.1.7. What makes a good penetration test?
2.1.8. Return on investment (ROI) for businesses investing in penetration testing
2.1.9. Testing points
2.1.10. Testing locations
2.2. Types of penetration testing
2.2.1. External security assessment
2.2.2. Internal security assessment
2.2.3. Black-box testing
2.2.4. Grey-box testing
2.2.5. White-box testing
2.2.6. Automated testing
2.2.7. Manual testing
2.3. Penetration testing techniques
2.3.1. Common penetration testing techniques
2.3.2. Using DNS domain name and IP address information
2.3.3. Enumerating information about hosts on publicly available networks
2.4. Phases of penetration testing
2.4.1. Pre-attack phase
2.4.2. Attack phase
2.4.2.1. Perimeter testing
2.4.2.2. Enumerating devices
2.4.2.3. Acquiring targets
2.4.2.4. Privilege escalation techniques
2.4.2.5. Execute, implant, retract
2.4.2.6. Post-attack phase and activities
2.5. Penetration testing roadmap
2.5.1. Application security assessment
2.5.1.1. Web application testing (I)
2.5.1.2. Web application testing (II)
2.5.1.3. Web application testing (III)
2.5.2. Network security assessment
2.5.3. Wireless/Remote Access assessment
2.5.4. Wireless network testing
2.5.5. Telephony system security assessment
2.5.6. Public techniques
2.5.7. Network testing: filtering devices
2.5.8. Denial-of-service simulation
2.6. Outsourcing penetration testing services
2.6.1. Terms of engagement
2.6.2. Project scope
2.6.3. Pentest service level agreements
2.6.4. Penetration testing consultants
2.6.5. Evaluating different types of pentest tools
CHAPTER 3: INTRODUCTION TO SOME TOOLS
3.1. Application security assessment tool: WebScarab
3.2. Network security assessment tool: Angry IP Scanner
3.3. Wireless remote access assessment tool: Kismet
3.4. Telephony system security assessment tool: Omnipeek
SUMMARY
Summary of the process

LIST OF FIGURES

Figure 1: White-box testing
Figure 2: Attack phase
Figure 3: Penetration testing roadmap
Figure 4: Penetration testing roadmap
Figure 5: Web application testing
Figure 6: Wireless/Remote Access assessment
Figure 7: Evaluating different types of pen-test tools
Figure 8: WebScarab
Figure 9: Security tools
Figure 10: Angry IP Scanner
Figure 11: Network security assessment tools
Figure 12: Kismet
Figure 13: Remote access assessment tools
Figure 14: Omnipeek

CHAPTER 1: Overview of Network Security

1.1. What is network security?

The purpose of networking is to let many users in different geographic locations share resources and exchange information. Because the users are numerous and physically dispersed, protecting information resources on the network from loss and intrusion is both necessary and urgent. Network security can be understood as the means of protecting and safeguarding all network components, including data, equipment and network infrastructure, and of ensuring that every network resource is used in accordance with a defined operating policy and only by people with the corresponding authority.

Network security includes:

Defining policy and identifying the possible threats of network intrusion and the incidents and risks to equipment and data on the network, so that suitable solutions can be put in place to keep the network secure.

Assessing the risk of hacker attacks on the network, the spread of viruses, and so on. Network security must be recognized as one of the most important issues in electronic activities and transactions and in the use of network resources.

One challenge for network security is determining precisely the level of security needed to control the system and the network components. The risks and vulnerabilities that could allow the network to be compromised are assessed through a structured approach. This means identifying the risks of theft or sabotage of computers and equipment, of viruses and spyware, of deletion or destruction of databases, of password theft, and of threats to system operation such as network congestion and electronic interference. Only when all the risks affecting network security have been assessed can the best measures for securing the network be chosen.

Making effective use of security tools (for example, firewalls) together with specific, strict measures and policies.

In essence, violations can be classified as passive or active. Passive and active are defined by whether the violation interferes with the content and flow of the information being exchanged. A passive violation aims only to capture information. An active violation modifies, deletes or inserts extraneous information to corrupt the original information, with destructive intent. Passive violations are usually hard to detect but can be prevented effectively. Active violations, by contrast, are easy to detect but hard to prevent.

1.2. Technical characteristics of network security

1. Authentication: verifying the authenticity of an entity communicating on the network. An entity may be a user, a computer program or a hardware device. Authentication is regarded as the most important of all the functions of a security scheme. A system normally has to authenticate an entity before that entity connects to it. The authentication mechanisms of security schemes are based on three main models:

- The entity being verified must supply information known in advance, such as a password or a personal identification number (PIN).

- Verification based on information the entity holds: the entity must present something it possesses, such as a private key or a credit card number.

- Verification based on uniquely identifying information: the entity must have information that identifies it uniquely, for example its voice, fingerprint or signature.

Security on a VPN can be classified as follows: traditional passwords or one-time passwords; authentication through protocols (PAP, CHAP, ...) or hardware (cards: smart card, token card, PC card); and biometric recognition (fingerprint, voice, retina scan).

2. Availability: the property that information on the network can be accessed and used by legitimate entities on demand, whenever needed and under any circumstances. Availability is generally measured as the ratio of the time the system is in normal use to its total operating time. Availability must meet the following requirements: identification and distinction of entities; access control (both discretionary and mandatory access control); traffic control (to prevent congestion); routing control (allowing the selection of stable, reliable branches and links); and audit trails (every event arising in the system is recorded so that causes can be analysed and appropriate measures taken promptly).

3. Confidentiality: the property that information is not disclosed to unauthorized entities or processes and cannot be exploited by malicious parties. Information may be used only by authorized entities. Confidentiality techniques typically include protection against eavesdropping and collection, protection against emanations, strengthened information secrecy (under the control of cryptographic keys), and physical security (using physical means to ensure information is not disclosed).

4. Integrity: the property that information on the network cannot be altered without authorization; that is, information in storage or in transit is guaranteed not to be deleted, modified, forged, reordered, replayed or interleaved, whether accidentally or deliberately, or otherwise damaged. The main factors affecting the integrity of information on the network are equipment failures, coding errors, human action and computer viruses.

Some methods of ensuring the integrity of information on the network:

- Secure protocols can check whether information has been copied or modified. If this is detected, the information is invalidated.

- Error detection and correction. The simplest and most commonly used error-correction coding method is the parity check.

- Cryptographic checks prevent tampering with and obstruction of transmission.

- Electronic signatures: ensure the authenticity of information.

- Requiring a governing authority or an intermediary to attest to the authenticity of the information.

5. Controllability (Accountability): the ability to control the dissemination and the inherent content of information on the network.

6. Non-repudiation: in the exchange of information over the network, the authentic identity of the participating entities is confirmed, so that no participating entity can deny or repudiate the operations and commitments it has made.

1.3. Assessing threats, system weaknesses and types of attack

1.3.1. Threat assessment

There are basically four threats to network security:

- Unstructured threats
- Structured threats
- External threats
- Internal threats

1. Unstructured threats.

Threats of this kind come from unskilled hackers with no real experience. These people are curious and want to download data from the Internet. They are driven by seeing what they are able to produce.

2. Structured threats.

The hackers behind this kind of threat are far more sophisticated than those behind unstructured threats. They have technical skill and understand how network systems are structured. They are adept at exploiting weaknesses in a network, and they build a structured method for penetrating deep into it.

Both structured and unstructured threats carry out their attacks over the Internet.

3. External threats.

Originating from the Internet, these people find holes in the network from the outside. As soon as companies begin advertising their presence on the Internet, hackers start scanning for weaknesses in order to steal data and destroy the network.

4. Internal threats.

This threat is truly dangerous because it comes from inside the organization itself, typically from employees or from the administrators themselves. They can attack quickly and easily because they understand the structure of the network and know its weaknesses well.

1.3.2. Network vulnerabilities and weaknesses

1. Network vulnerabilities

System security vulnerabilities are weaknesses that can cause service outages, grant users additional privileges, or allow unauthorized access to the system. Vulnerabilities exist in services such as Sendmail and Web, in network operating systems such as Windows NT, Windows 95 and Unix, and in applications. The vulnerabilities on a system are classified as follows:

Class C vulnerabilities: allow denial-of-service (DoS) attacks. The danger level is low: they affect only quality of service and may stall or interrupt the system, but they do not damage data or yield access rights.

DoS is a form of attack that uses protocols at the Internet layer of the TCP/IP suite to stall a system so that legitimate users are denied access to or use of it. A large number of packets is sent to the server continuously, overloading the system, so that the server responds slowly or cannot respond at all to client requests.

A typical example of DoS is the attacks on several large websites, such as www.ebay.com and www.yahoo.com, which brought their operation to a halt.

Nevertheless, these vulnerabilities are rated class C, the least dangerous, because they only interrupt the system's service for a time; they do not harm data, and the attackers do not gain unauthorized access to the system.

Class B vulnerabilities: allow users to obtain additional privileges on the system without any validity check. The danger level is medium. Vulnerabilities of this class are usually found in applications on the system and can lead to the disclosure of confidential information.

These are more dangerous than class C vulnerabilities: they let an internal user obtain higher privileges or unauthorized access.

Such vulnerabilities usually appear in services on the system. A local user here means someone who already has access to the system with certain limited privileges.

Class B vulnerabilities commonly found in applications include the Sendmail vulnerabilities on Unix and Linux, and buffer overflows in programs written in C.

Programs written in C commonly use a buffer, a region of memory that holds data before it is processed. Programmers typically use a buffer in memory before assigning a block of memory to each data item. For example, a programmer writes a program that reads a user-name field and specifies that the field is 20 characters long. They therefore declare:

char first_name[20];

This declaration allows the user to enter at most 20 characters. On input, the data is first stored in the buffer; if the user enters 35 characters, the buffer overflows and the 15 excess characters end up at an uncontrolled location in memory. Attackers can exploit this vulnerability by entering special characters to execute particular commands on the system. Typically it is exploited by users on the system to gain root privileges illegitimately.
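The overflow described above, shown beside a bounded alternative. This is an added example, not code from the original document; the function names and the policy of rejecting over-long input are assumptions. A C string also needs one byte for its terminator, so first_name[20] holds 19 characters plus '\0'.

```c
#include <stdio.h>
#include <string.h>

#define FIRST_NAME_SIZE 20   /* same size as first_name[20] in the text */

/* The pattern the text describes: the amount copied is decided by the
 * input, not by the buffer. A 35-character input writes past the end of
 * first_name. Shown for comparison only; nothing here calls it. */
char unsafe_first_initial(const char *input)
{
    char first_name[FIRST_NAME_SIZE];
    strcpy(first_name, input);              /* no bounds check */
    return first_name[0];
}

/* Bounded form: reject anything that does not fit, terminator included.
 * Returns 0 on success, -1 if input is NULL or too long. On failure dst
 * is left as an empty string so callers never see partial data. */
int store_first_name(char dst[FIRST_NAME_SIZE], const char *input)
{
    size_t len = 0;

    dst[0] = '\0';
    if (input == NULL)
        return -1;
    while (len < FIRST_NAME_SIZE && input[len] != '\0')
        len++;
    if (len == FIRST_NAME_SIZE)             /* 20 or more characters */
        return -1;
    memcpy(dst, input, len + 1);            /* copy includes the '\0' */
    return 0;
}

/* Read one line from a stream into dst.
 * Returns 0 on success, -1 on end of input, -2 if the line was too long.
 * An over-long line is discarded completely so that the next call starts
 * on the following line instead of reading the leftover characters. */
int read_first_name(FILE *in, char dst[FIRST_NAME_SIZE])
{
    char line[FIRST_NAME_SIZE + 1];         /* 19 characters + '\n' + '\0' */
    size_t len;

    dst[0] = '\0';
    if (fgets(line, sizeof line, in) == NULL)
        return -1;
    len = strlen(line);
    if (len > 0 && line[len - 1] == '\n') {
        line[len - 1] = '\0';
    } else if (!feof(in)) {
        int c;
        while ((c = fgetc(in)) != EOF && c != '\n')
            ;                               /* drain the rest of the line */
        return -2;
    }
    return store_first_name(dst, line) == 0 ? 0 : -2;
}

int main(void)
{
    /* Constructed sample inputs: 5, 19, 20 and 35 characters long. */
    const char *samples[] = {
        "Alice",
        "ABCDEFGHIJKLMNOPQRS",
        "ABCDEFGHIJKLMNOPQRST",
        "ABCDEFGHIJKLMNOPQRSTUVWXYZ012345678",
    };
    char first_name[FIRST_NAME_SIZE];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int rc = store_first_name(first_name, samples[i]);
        printf("%2zu chars: %s\n", strlen(samples[i]),
               rc == 0 ? "stored" : "rejected");
    }
    return 0;
}
```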

Strict control of system configuration and programs limits class B vulnerabilities.

Class A vulnerabilities: allow outside users to access the system illegally. These are very dangerous and can destroy the entire system.

Class A vulnerabilities are extremely dangerous: they threaten the integrity and confidentiality of the system. They usually appear on poorly administered systems or where the network configuration is not under control.

They are especially dangerous because they already exist in the software in use; an administrator without a deep understanding of the services and software in use may overlook them.

For older systems, the announcements of security newsgroups must be checked regularly to discover vulnerabilities of this class. Many commonly used older program versions have class A vulnerabilities, for example FTP and Sendmail.

2. Impact of security vulnerabilities on the Internet.

The preceding section presented several cases of security vulnerabilities. Attackers can use these vulnerabilities to create further ones, forming a chain of linked vulnerabilities.

For example, an intruder wants to break into a system on which he has no valid account. He will first look for weaknesses in the system, either in its security policies or by using tools that probe the system for information, in order to gain access. Once that first goal is achieved, he can go on to study the services on the system, learn their weaknesses and carry out more sophisticated destructive actions.

However, not every vulnerability endangers the system. Many security vulnerability announcements circulate online; most concern class C vulnerabilities and are not especially dangerous. For example, when Sendmail vulnerabilities are announced online, the whole system is not affected immediately. Once vulnerability announcements are confirmed, the newsgroups publish methods for fixing the system.

1.3.3. Types of attack

Direct attack

Direct attacks are usually used in the initial phase to gain internal access. A classic method is guessing user names and passwords. It is simple, easy to carry out and requires no special preconditions. Attackers can use information they know, such as the user's name, date of birth, address or house number, to guess passwords with a program that automates the search. In some cases the success rate of this method can reach 30%.

Exploiting bugs in application programs and in the operating system itself has been used since the earliest attacks and continues to be used to gain access. In some cases this method gives the attacker the privileges of the system administrator.

Eavesdropping

Eavesdropping on the network can yield useful information such as user names and passwords and confidential information sent across the network. It is usually carried out right after the attacker has gained access to the system, using programs that make it possible. Such information can also be obtained easily on the Internet.

Address spoofing

IP address spoofing can be carried out using the direct (source) routing capability. In this attack, the attacker sends IP packets into the internal network with a forged IP address (usually that of a network or host the internal network regards as trusted) and at the same time specifies the path the IP packets must take.

Disabling system functions

This type of attack aims to paralyse a system so that it cannot perform the function it was designed for. It cannot be prevented, because the means used to mount it are the same means used to work and to access information on the network. For example, the ping command run at the highest possible rate forces a system to spend all its processing capacity and network capacity answering, leaving no resources for useful work.

System administrator error

This is not an attack by intruders, but administrator errors often create holes that attackers can use to get into the internal network.

Attacks on the human factor

An attacker can contact a system administrator, posing as a user, and ask to have a password changed, access rights changed, or even parts of the system configuration changed, in order to carry out other attacks. No device can stop this kind of attack effectively; the only remedy is to educate internal network users about security requirements so that they stay alert to suspicious events.

In general, the human factor is a weak point in any protection system, and only education together with a cooperative attitude from users can raise the security of the protection system.

1.3.4. Measures for detecting that a system has been attacked

No system can be guaranteed absolutely secure; every service has latent security vulnerabilities. System administrators must not only study and identify vulnerabilities but also check whether the system shows signs of attack. Some specific measures:

1. Check for signs that the system has been attacked: the system often hangs with unclear error messages, and the cause is hard to determine for lack of relevant information. First establish whether the cause is hardware; if it is not, consider the possibility that the machine has been attacked.

2. Check for new or unfamiliar user accounts, especially accounts whose ID is zero.

3. Check for unfamiliar files. Administrators should make a habit of naming files according to a set pattern so that unfamiliar files are easy to spot.

4. Check modification times on the system.

5. Check system performance: use utilities that monitor resources and the processes running on the system.

6. Check the operation of the services the system provides.

7. Check system access by ordinary accounts, in case these accounts have been accessed without authorization and had their privileges changed without the legitimate user's control.

8. Check the files related to network and service configuration, and remove unnecessary services.

9. Check the versions of sendmail, /bin/mail, ftp, and so on; join security newsgroups to get information about vulnerabilities in the services in use.
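Measure 2 above (accounts whose ID is zero) as a small checker for passwd-format account lists on Unix, where user ID 0 carries superuser rights. This is an added example, not part of the original document; the function name and the sample entries are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_NAME 32

/* Constructed sample in passwd format: name:password:uid:gid:gecos:home:shell */
static const char SAMPLE_PASSWD[] =
    "root:x:0:0:root:/root:/bin/bash\n"
    "daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\n"
    "# constructed comment line\n"
    "alice:x:1000:1000:Alice:/home/alice:/bin/bash\n"
    "toor:x:0:0::/root:/bin/sh\n"
    "svc_backup:x:00:0::/var/backup:/bin/sh\n"
    "broken-line-without-fields\n"
    "bob:x:abc:1001::/home/bob:/bin/sh\n";

/* Return 1 if s[0..n) is a non-empty run of decimal digits. */
static int all_digits(const char *s, size_t n)
{
    if (n == 0)
        return 0;
    for (size_t i = 0; i < n; i++)
        if (s[i] < '0' || s[i] > '9')
            return 0;
    return 1;
}

/* Scan passwd-format text and collect every account other than "root"
 * whose UID is numerically zero. Returns the number of such accounts;
 * the first `max` names are copied into `out`. Lines that cannot be
 * parsed are counted in *malformed so they can be reviewed by hand. */
int find_extra_uid0(const char *text, char out[][MAX_NAME + 1], int max,
                    int *malformed)
{
    int found = 0;

    *malformed = 0;
    for (const char *p = text; *p != '\0'; ) {
        const char *eol = strchr(p, '\n');
        size_t len = eol ? (size_t)(eol - p) : strlen(p);
        const char *line = p;

        p += len + (eol ? 1 : 0);
        if (len == 0 || line[0] == '#')
            continue;                       /* blank or comment line */

        /* Locate the first three ':' separators: name, password, uid. */
        const char *c1 = memchr(line, ':', len);
        const char *c2 = c1 ? memchr(c1 + 1, ':', len - (size_t)(c1 + 1 - line)) : NULL;
        const char *c3 = c2 ? memchr(c2 + 1, ':', len - (size_t)(c2 + 1 - line)) : NULL;
        if (c3 == NULL) {
            (*malformed)++;
            continue;
        }

        size_t name_len = (size_t)(c1 - line);
        size_t uid_len = (size_t)(c3 - c2) - 1;
        if (name_len == 0 || name_len > MAX_NAME || !all_digits(c2 + 1, uid_len)) {
            (*malformed)++;
            continue;
        }

        /* Compare numerically so that a UID written as "00" is not missed. */
        int is_zero = 1;
        for (size_t i = 0; i < uid_len; i++)
            if (c2[1 + i] != '0') {
                is_zero = 0;
                break;
            }
        if (!is_zero)
            continue;
        if (name_len == 4 && memcmp(line, "root", 4) == 0)
            continue;                       /* the expected UID 0 account */

        if (found < max) {
            memcpy(out[found], line, name_len);
            out[found][name_len] = '\0';
        }
        found++;
    }
    return found;
}

int main(void)
{
    char names[8][MAX_NAME + 1];
    int malformed = 0;
    int n = find_extra_uid0(SAMPLE_PASSWD, names, 8, &malformed);

    for (int i = 0; i < n && i < 8; i++)
        printf("unexpected UID 0 account: %s\n", names[i]);
    printf("%d unexpected, %d malformed line(s)\n", n, malformed);
    return 0;
}
```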

Combined, these measures form a security policy for the system.

CHAPTER 2: INTRODUCTION TO PENETRATION TESTING

2.1. The concept of penetration testing

2.1.1. What is penetration testing?

Penetration testing is a method of evaluating and estimating the security and reliability of a computer system or network environment by simulating an attack from a hacker.

The process involves an active analysis of the system for any weaknesses or vulnerabilities.

This analysis is carried out from the position of an attacker and may include exploiting security vulnerabilities.

Any security issue found is reported to the system's administrator, together with an assessment of its impact and accompanying recommendations and alternative technical solutions.

2.1.2. Security assessment

Every organization uses different levels of security assessment to validate the level of security of its network resources.

A security audit is the first phase a security consultant carries out when providing consulting services to a business. Beyond the audits that establish a baseline, however, businesses must also audit or assess network security regularly to ensure optimal performance.

The assessment levels are:

1. Security audit

In the initial phase, the auditor inventories the entire network, both physically and operationally. For the hardware inventory, the auditor collects data on the hardware as well as software information such as software licenses. The goal of this phase is to obtain a detailed network security blueprint and confidential personal information. This information serves as the basis for the remaining phases of the assessment.

2. Vulnerability assessment

In this phase, the auditor uses the network blueprint and the confidential personal information to "attack" the network from the outside. The goal is to penetrate the system's vulnerabilities in order to obtain sensitive data.

Auditors use tools to scan and search network segments for IP-enabled devices and to enumerate systems, operating systems and applications.

Vulnerability scanners can test systems and network devices for direct exposure to common attacks.

In addition, vulnerability scanners can identify common security misconfigurations.

3. Penetration testing

Penetration testing and assessment is much like phase II, but focuses on attacking the internal network rather than the external one.

Each type of security assessment requires different skills from the people performing it.

2.1.3. Limitations of security assessment

Security assessment software is limited in its ability to detect vulnerabilities at a given point in time.

It must be updated when new vulnerabilities are discovered or when the software in use is modified.

The methodology used, as well as the variety of vulnerability scanning software, assesses security differently.

2.1.4. Points to note

A penetration test that is not carried out professionally can result in loss of services and disruption of business continuity.

Penetration testing assesses the organization's security model as a whole.

A penetration tester is distinguished from an attacker by having a legitimate purpose and no malicious intent.

It reveals the potential consequences of a real attacker breaking into the network.

2.1.5. Why penetration testing is needed

For businesses and organizations:

- Identify the threats to an organization's information assets.

- Reduce an organization's security costs and invest in security technology more effectively by identifying and resolving vulnerabilities and weaknesses.

- Provide assurance: a thorough and comprehensive assessment of a security plan, covering policy, procedure, design and implementation.

- Gain and maintain certification to industry regulations (BS7799, HIPAA, etc.).

From a technical standpoint:

- Test and validate the effectiveness of security protections and controls.

- Focus on high-severity vulnerabilities and highlight application-level security issues for development teams and management.

- Provide a comprehensive approach to the preparatory steps that can be taken to prevent upcoming exploitation.

- Evaluate the effectiveness of network security devices such as firewalls, routers and web servers.

- Change or upgrade the existing infrastructure of software, hardware or network design.

2.1.6. What should be tested?

An organization should conduct a risk assessment before penetration testing; this helps identify the main threats, such as:

- Communications failure, failure of online business, and loss of confidential information.

- Public-facing systems such as websites, email gateways and remote access platforms.

- Mail, DNS, firewalls, passwords, FTP, IIS and web servers.

2.1.7. What makes a good penetration test?

- Establishing the parameters of the penetration test, such as objectives, limitations and the justification of procedures.

- Hiring skilled and experienced professionals to perform the tests.

- Choosing a suitable set of tests that balances cost and benefit.

- Following a good methodology, which always goes with planning and documentation.

- Documenting the results carefully and making them understandable for the client.

- Stating the potential risks and the findings clearly in the final report.

2.1.8. Return on investment (ROI) for businesses investing in penetration testing

Companies will spend on pen-tests only if they properly understand the benefits of pen-testing.

Penetration testing helps companies identify, understand and resolve vulnerabilities, thereby saving a great deal of money in terms of ROI.

Demonstrate the ROI of a pen-test with the help of a business plan that includes the costs and benefits involved.

Demonstrating ROI is a critical process for success in selling a pen-test.

2.1.9. Testing points

Agreement between the business and the penetration testing team:

- The organization must reach a consensus on the extent of information that may be disclosed to the testing team, in order to determine the starting point of the test.

- Providing the penetration testing team with this additional information gives them a realistic advantage.

- Similarly, the extent to which vulnerabilities are to be exploited without disrupting critical services needs to be determined.

2.1.10. Testing locations

The pen-test team may have a choice of testing remotely or on-site.

Remote testing: a remote assessment can simulate a hacker attack from outside. However, it may miss the assessment of internal protections.

Internal testing: an internal assessment can be very expensive and cannot accurately simulate external impact.

2.2. Types of penetration testing

External testing: involves analysis of publicly available information, a network enumeration phase, and analysis of the behaviour of security devices.

Internal testing: performed from a number of network access points, representing each logical and physical segment.

2.2.1. External security assessment

This is the traditional approach to penetration testing.

The testing focuses on the server infrastructure and the underlying software that make up the target.

It can be performed with no prior knowledge of the site (black box).

Or with disclosure of the topology and environment (white box).

External pen-testing involves a comprehensive analysis of how information is used, for example for: Web server, Mail server, Firewalls, Routers.

2.2.2. Internal security assessment

Testing is performed from a number of network access points, representing each logical and physical segment.

For example, this may include tiers and DMZs within the corporate intranet environment, or connections to partner companies.

Internal security assessment follows a methodology similar to external testing, but gives a more complete view of the site's security.

2.2.3. Black-box testing

The testers are given no information by the business or organization.

The pen-test is carried out after gathering information from many sources and researching it.

This type of test simulates the actions of a real hacker.

A considerable part of the effort goes into discovering the nature of the infrastructure and how its parts connect and relate to one another.

Characteristics:

- Simulates the actions of a real hacker.

- Time-consuming and an expensive type of test.

2.2.4. Grey-box testing

In grey-box testing, the tester usually has limited information.

It performs security assessment and testing internally.

It approaches application security by testing for all the vulnerabilities a hacker could find and exploit.

It is performed mostly when testing starts as a black-box test on well-protected systems and the tester gains some of the experience needed to conduct a thorough review.

2.2.5. White-box testing

This is testing with complete knowledge of the infrastructure.

This test simulates the actions of the company's employees.

Information provided includes:

Figure 1: White-box testing.

2.2.6. Automated testing

Uses pre-programmed tools to test the system.

Automated testing can save time and cost over the long term; however, it cannot replace the experience of a security professional.

As with vulnerability scanners, the results it gives may be correct or incorrect.

Tools can involve a learning curve and need to be updated frequently to be effective.

With automated testing, there is no scope for testing any architectural component.

2.2.7. Manual testing

Manual testing is the best option an organization can choose to benefit from the experience of a security professional.

The professional's objective is to assess the security posture of the organization from an attacker's perspective.

A manual approach requires planning, test design, scheduling and diligent documentation to capture the results of the testing process.

2.3. K thut kim tra thm nhp.

2.3.1. K thut kim th xm nhp ph bin.

Nghin cu b ng: c s dng thu thp tt c cc thng tin v cu hnh h thng ca mt t chc

Gim st m ngun m: To iu kin chot chcthc hin cc bccnthit m bobmtvtnh ton vncan

Lp bn mng v iu hnh vn tay: c s dng c th nm c cuhnhcamngli ang c th nghim

Gi mo: Thc hin bng cch s dng 1 my tnh gi v l mt my khch. cs dng y kin th xm nhpni b vbn ngoi.

Network Sniffing: c s dng ly cdliukhi n di chuynqua mng.

Trojan tn cng: M c hoc cc chng trnh thng c gi qua mng di dng file nh km email hoc chuyn qua tin nhn vo phng chat.

Tn cng bng bin php mnh: L phng php b kha ph bin nht tng c bit n. C th lm qu ti h thng v ngn chn h thng p ng cc yu cu ca php lut.

Qut l hng: L mtkim tra ton dincc vng cac s h tngmng ca mt tchc cnhmlm mctiu.

Phn tch tnh hung: L giai on cui cng ca th nghim, nh gi ri ro ca cc l hng chnh xc hn.

2.3.2. Using DNS domain names and IP address information.

Data on the DNS servers related to the target network can be used to map the target organization's network.

An organization's IP block can be identified by looking up the domain name and the contact information for personnel.

DNS records also provide some valuable information about the operating system or applications running on the server.
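From the defender's side, the same DNS data can be reviewed before a tester ever looks at it. The following is an added example, not part of the original report: it audits a constructed zone for the reserved example.com domain, and the finding labels and the role-hint pattern are assumptions chosen for illustration.

```python
import ipaddress
import re

# Constructed zone data for the reserved example.com domain (not a real zone).
ZONE = """\
www      3600 IN A     203.0.113.10
vpn      3600 IN A     203.0.113.20
db01     3600 IN A     10.0.5.12
mail     3600 IN HINFO "Intel Xeon" "Windows Server 2008"
@        3600 IN TXT   "v=spf1 mx -all"
intranet 3600 IN CNAME sharepoint.corp.example.com.
"""

# RFC 1918 ranges are listed explicitly: ipaddress' is_private also covers
# documentation ranges such as 203.0.113.0/24, which are used above.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumption: host-name prefixes that reveal a system's role to an outsider.
ROLE_HINTS = re.compile(r"(vpn|db|sql|admin|intranet|backup|test|dev)", re.I)

def is_internal(rdata):
    """True if an A record's data is an RFC 1918 address."""
    try:
        addr = ipaddress.ip_address(rdata.strip())
    except ValueError:              # malformed record data: nothing to flag
        return False
    return any(addr in net for net in RFC1918)

def audit_zone(text):
    """Return (name, finding) pairs for records that disclose more than needed."""
    findings = []
    for line in text.splitlines():
        fields = line.split(None, 4)
        if len(fields) < 5:
            continue                # blank or incomplete line
        name, _ttl, _cls, rtype, rdata = fields
        if rtype == "HINFO":
            findings.append((name, "hinfo-discloses-platform"))
        elif rtype == "A" and is_internal(rdata):
            findings.append((name, "internal-address-published"))
        if ROLE_HINTS.match(name):
            findings.append((name, "name-reveals-role"))
    return findings

if __name__ == "__main__":
    for name, finding in audit_zone(ZONE):
        print(f"{name:10} {finding}")
```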

2.3.3. Enumerating information about hosts on publicly available networks.

Website crawlers can mirror entire sites.

Additionally, the effort can provide screened subnets and a comprehensive list of the types of traffic allowed in and out of the network.

Enumeration can be done using port scanning tools, IP protocols, and listening to TCP/UDP ports.

The testing team can then visualize a detailed network diagram that can be publicly accessed.

2.4. Phases of Penetration Testing.

2.4.1. Pre-attack phase.

The pre-attack phase addresses the mode of the attack and the goals to be achieved.

Reconnaissance is considered a stage of the pre-attack phase that locates, gathers, identifies, and records information about the target.

The hacker seeks to learn as much information about the victim as possible.

Hackers gather information in different ways that allow them to build an attack plan. There are two approaches:

Passive reconnaissance involves collecting information about the target from publicly accessible sources.

Information-gathering techniques usually rely on public sources, visits to websites, interviews, and questionnaires.

Information obtained in this phase:

Competitive intelligence.

Network registration information.

DNS and mail server information.

Operating system information.

User information.

Authentication credentials information.

Analog connections.

Contact information.

Website information.

Physical and logical location of the organization.

Range of products and services offered by the target company that are available online.

Any other valuable information that may be exploitable.

2.4.2. Attack phase.

Figure 2: Attack phase.

2.4.2.1. Perimeter testing.

Testing methods for perimeter security include, but are not limited to:

Checking access control lists by forging responses with crafted packets.

Evaluating protocol filtering rules by attempting connections using various protocols such as SSH, FTP, and Telnet.

Testing the response of the web server's perimeter security system by using multiple methods such as POST, DELETE, and COPY.

Evaluating error reporting and error management with ICMP probes.

Measuring the denial-of-service threshold by attempting persistent TCP connections, evaluating transitory TCP connections, and attempting streaming UDP connections.

Evaluating the IDS's capability by sending malicious content (such as an altered URL) and scanning different targets, to observe the response to abnormal traffic.

2.4.2.2. Enumerating devices.

A device inventory is a collection of network devices, together with some relevant information about each device, recorded in a document.

After the network has been mapped and the business assets identified, the next logical step is to make an inventory of the devices.

A physical check may additionally be conducted to ensure that the enumerated devices have been located.

2.4.2.3. Acquiring the target.

Acquiring a target refers to the set of activities in which the tester subjects the suspect machine to more intrusive challenges, such as vulnerability scans and security assessment.

Testing methods for acquiring the target include, but are not limited to:

Active probing assaults: use the results of the network scans to gather further information that can lead to a compromise.

Running vulnerability scans: vulnerability scans are completed in this phase.

Trusted systems and trusted process assessment: attempting to access the machine's resources using legitimate information obtained through social engineering or other techniques.

2.4.2.4. Privilege escalation techniques.

Once the target has been acquired, the tester attempts to exploit the system and access protected resources.

Activities include:

Testers may take advantage of poor security policies, and of insecure email or web code, to gather information that can lead to escalation of privileges.

Using techniques such as brute force to gain privileges.

Using Trojans and protocol analyzers.

Using information gathered through techniques such as social engineering to gain unauthorized access to privileged resources.

2.4.2.5. Execute, implant, retract.

Compromise the system: in this phase, the tester achieves compromise of the system by executing arbitrary code.

Penetrate the system: the objective of system penetration is to explore the extent of the security failure.

Execute exploits: execute exploits that are already available, or crafted by hand, to take advantage of the vulnerabilities identified in the target system.

2.4.2.6. Post-attack phase and activities.

This phase is critical to any penetration test, because it is responsible for restoring the systems to their previous state.

The activities of this phase include the following:

Removing all files uploaded to the system.

Cleaning up all registry entries and removing vulnerabilities.

Removing all tools and exploits from the tested systems.

Restoring the tested network by removing shares and connections.

Analyzing all results and presenting them to the organization.

2.5. Penetration testing roadmap.

Figure 3: Penetration testing roadmap.

Figure 4: Penetration testing roadmap.

2.5.1. Application security assessment.

Even in a well-deployed and secured infrastructure, a weak application can expose the organization's valuable information, which is unacceptable.

Application security assessment is designed to identify and assess threats to the organization through bespoke or proprietary applications or systems.

This test checks the application so that a malicious user cannot access, modify, or destroy data or services within the system.

2.5.1.1. Web application testing (I).

Input validation: tests include OS, script, and database injection, LDAP injection, and cross-site scripting.

Output sanitization: these tests include parsing special characters and verifying error checking in the application.

Access control: checks access to administrative interfaces, sends data to manipulate form fields, attempts URL query strings, changes values in client-side scripts, and attacks cookies.

2.5.1.2. Web application testing (II).

Figure 5: Web application testing.

Tests include attacks against stack overflows, heap overflows, and format string overflows.

Checks the security controls on web server and application components that could expose the web application to vulnerabilities.

Checks for DoS induced by altered user input, user lockout, and application lockout due to traffic overload, transaction requests, or excessive requests on the application.

Checks for data-related security lapses, such as storage of data in cache or throughput of data using HTML.

2.5.1.3. Web application testing (III).

Confidentiality check: for applications that use secure protocols and encryption, checks for lapses in the key-exchange mechanism, adequate key length, and the algorithms.

Session management: checks the validity period of session tokens, the length of tokens, expiration of session tokens while in transit from SSL to non-SSL resources, the presence of any session tokens in the browser history or cache, and the randomness of session IDs (checking for the use of user data in generating IDs).

Configuration verification: attempts to manipulate resources using HTTP methods such as DELETE and PUT, checks for available content versions and any visible restricted source code in the public domain, attempts directory and file listing, and tests for known vulnerabilities and the accessibility of administrative interfaces on servers and server components.
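Several of the session-management checks listed above can be automated against the Set-Cookie headers an application returns. The following is an added example, not part of the original report: the headers are constructed samples, and the thresholds, finding labels and function names are assumptions.

```python
import base64
import os

MIN_TOKEN_CHARS = 22      # assumption: roughly 128 bits when base64url-encoded
MAX_LIFETIME_S = 3600     # assumption: policy limit for a session's validity

def embeds_user_data(token, username):
    """True if the user name is visible in the token, raw or after hex/base64 decoding."""
    candidates = [token.encode()]
    for decode in (bytes.fromhex,
                   lambda t: base64.urlsafe_b64decode(t + "=" * (-len(t) % 4))):
        try:
            candidates.append(decode(token))
        except ValueError:          # not valid hex / base64: skip that decoding
            pass
    return any(username.lower().encode() in c.lower() for c in candidates)

def static_prefix_len(tokens):
    """Length of the prefix shared by every sampled token (0 for random IDs)."""
    return len(os.path.commonprefix(tokens))

def audit_set_cookie(header, username, over_tls=True):
    """Return findings for one Set-Cookie header value issued to `username`."""
    parts = [p.strip() for p in header.split(";")]
    _name, _, token = parts[0].partition("=")
    attrs = {p.partition("=")[0].lower(): p.partition("=")[2] for p in parts[1:]}
    findings = []
    if len(token) < MIN_TOKEN_CHARS:
        findings.append("short-token")
    if embeds_user_data(token, username):
        findings.append("user-data-in-token")
    if over_tls and "secure" not in attrs:
        findings.append("missing-secure")   # token also goes to non-SSL resources
    max_age = attrs.get("max-age", "")
    if max_age.isdigit() and int(max_age) > MAX_LIFETIME_S:
        findings.append("long-lifetime")
    return findings

# Constructed sample headers, not captured from any real application.
WEAK = "SESSIONID=YWxpY2U6MTAwMQ; Path=/"
STRONG = "SESSIONID=q7Jt0wX2mZp4Lc9Vb1NsE8RyUaHk3GdF; Path=/; Secure; Max-Age=1800"

if __name__ == "__main__":
    for hdr in (WEAK, STRONG):
        print(audit_set_cookie(hdr, "alice"))
```

A non-zero `static_prefix_len` over tokens issued to one user in succession points to a structured, guessable ID rather than a random one.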

2.5.2. Network security assessment.

This process scans the network environment to identify vulnerabilities and helps improve the enterprise's security policy.

The assessment uncovers network security faults that could lead to data or equipment being exploited or destroyed by Trojans, denial-of-service attacks, and other intrusions.

The process ensures that the security implementation actually provides the protection the enterprise requires when any attack takes place on the network, generally by "exploiting" a system vulnerability.

The process is performed by a team that attempts to break into the network or servers.

2.5.3. Wireless/remote access assessment.

Wireless/remote access assessment addresses the security risks associated with the ever-increasing use of mobile devices.

Figure 6: Wireless/remote access assessment.

2.5.4. Wireless network testing.

Methods for testing wireless networks include:

Check whether the access points' default Service Set Identifier (SSID) is readily available. Test for "broadcast SSID" and the possibility of connecting to the LAN this way. The tests can include working through SSID character strings using tools.

Check for vulnerabilities in accessing the WLAN through the wireless router, access point, or gateway. This can include verifying whether the default Wired Equivalent Privacy (WEP) encryption key can be captured and decrypted.

Check the broadcast beacon of all access points and check all protocols available on the access points. Check whether a Layer 2 switched network is used instead of hubs to connect to the access points.

Subject authentication to replay of previous authentications in order to check for unauthorized access.

Confirm that access is granted only to client machines with registered MAC addresses.

2.5.5. Telephony security assessment.

A telephony security assessment addresses security concerns relating to the company's voice technologies.

This includes abuse of private branch exchanges (PBXs) by outsiders to route calls at the target's expense, mailbox deployment and security, voice over IP (VoIP), unauthorized modem use, and the associated risks.

2.5.6. Social engineering.

Social engineering addresses a non-technical kind of intrusion.

It usually involves deception: trying to gain the trust of a trusted source by exploiting people's natural habits as well as their weaknesses, appealing to their vanity and their authority, and eavesdropping on them, using natural techniques.

2.5.7. Testing network-filtering devices.

The objective of the pen-test team is to make sure that all legitimate traffic flows through the filtering device.

Proxy servers may be subjected to tests to assess their ability to filter out unwanted packets.

Tests for default installations of firewalls can be carried out to ensure that default user IDs and passwords have been disabled or changed.

The tests can also check for any remote login capability that may have been enabled.

2.5.8. Denial-of-service simulation.

Simulating DoS (denial-of-service) attacks can be resource-intensive.

These tests are meant to check the effectiveness of anti-DoS (denial-of-service prevention) devices.

DoS (denial-of-service) attacks can be simulated using hardware.

Some online sites simulate DoS attacks for a nominal fee.

2.6. Outsourcing Pen Testing Services.

2.6.1. Terms of engagement.

An organization authorizes a pentest against any of its production systems only after it has agreed on explicitly stated rules of engagement.

It must state the terms of reference under which the agency can interact with the organization.

It can specify the desired code of conduct, the procedures to be followed, and the nature of the interaction between the testers and the organization.

2.6.2. Project scope.

Determining the scope of the pentest is essential to decide whether the test is a targeted test or a comprehensive test.

Comprehensive assessments are coordinated efforts by the pentest organization to uncover as many vulnerabilities as possible across the entire organization.

A targeted test seeks to identify vulnerabilities in specific systems and practices.

2.6.3. Pentest service level agreements.

A service level agreement is a contract that details the services an outsourcer will provide.

The bottom line is that SLAs define the minimum levels of availability from the testers and determine what actions will be taken in the event of serious disruption.

Professionally prepared SLAs can include both remedies and penalties.

2.6.4. Penetration testing consultants.

Hiring qualified pen-test professionals determines the quality of the penetration test.

A penetration test of a corporate network will examine numerous different hosts (with a number of different operating systems), network architecture, policies, and procedures.

Each area of the network must be examined in depth.

Pen-test skills cannot be obtained without years of experience in fields such as development, systems administration, and consultancy.

2.6.5. Evaluating different types of pentest tools.

Figure 7: Evaluating different types of pen-test tools.

CHAPTER 3: INTRODUCTION TO SOME TOOLS

3.1. Application security assessment tool: WebScarab.

It is a framework for analyzing applications that communicate using the HTTP and HTTPS protocols.

Figure 8: WebScarab.

Some security assessment tools:

Figure 9: Security tools.

3.2. Network security assessment tool: Angry IP Scanner.

Figure 10: Angry IP Scanner.

Angry IP Scanner allows scanning of IP addresses as well as ports in any range.

Features:

NetBIOS information.

Favorite IP address ranges.

Web server detection.

Customizable openers.

Other network security assessment tools:

Figure 11: Network security assessment tools.

3.3. Wireless/remote access assessment tool: Kismet.

Figure 12: Kismet.

It is an 802.11 layer 2 wireless network detector, sniffer, and intrusion detection system.

It identifies networks by passively collecting packets.

It detects hidden networks and the presence of non-beaconing networks through data traffic.

Some wireless/remote access assessment tools:

Figure 13: Remote access assessment tools.

3.4. Telephony security assessment tool: Omnipeek.

Figure 14: Omnipeek.

Omnipeek is a network analyzer that provides real-time VoIP monitoring and analysis combined with Ethernet, wireless, 10GbE, Gigabit, and WAN.

SUMMARY

Summary of the process.

The first important point about pen testing (penetration testing) is that you must think like a hacker while working as an independent consultant and independent assessor.

Step 1: The first step of a pen test is for both parties to agree to the work, with no legal action and with damage avoided (the test agreement). This is the most important step.

Step 2: Act as a real hacker would; that is, using your own knowledge, research over the network and carry out attacks on the system. Consider the levels at which attacks can be carried out and write a report for the company, accompanied by demos if available, events, ....

Step 3: Play the role of a partner, that is, an outsider who enters the company and attempts attacks from inside the company premises (a local attack). This is the second report the company needs.

Step 3: Try the role of someone who has left the company and uses their knowledge of the company to attack their former employer. This case is one of the most ...

The reports and the techniques used require hacking knowledge; in any case, pen-test work needs to keep track of system deployments, patches, and anticipated further flaws....

Summary of the six steps in penetration testing:

1. Enumeration: Try to gather as many facts about the target system as possible. Some common methods used: web searches using Google, johnny.ihackstuff.com (??), newsgroups, NIC queries, Whois, DNS queries, SMTP probing. Purpose: to learn about the target system.

2. IP Scanning: The next step is to scan the target system. Methods include: ICMP scanning and probing, TCP and UDP port scanning, third-party TCP scanning. Common scan tools: NMAP, SING, hping2, lsrscan and fragroute. Purpose: to identify the services running on the system.

3. Assessing discovered services: Determine the versions of the Web, FTP, database, mail, VPN, Telnet, SSH, DNS, SNMP, LDAP, and X-Windows services. The services run on different platforms such as Microsoft and Unix. Purpose: to determine the versions of the services.

4. Finding or recording vulnerabilities: After gathering the necessary information above, consult the following websites to check whether any vulnerabilities exist in the versions just identified: securityfocus.com, cve.mitre.org, xforce.iss.net, packetstormsecurity.org, kb.cert.org/vuls. Purpose: to find the key for getting into the system.

5. Exploiting the vulnerabilities on the target system: Take advantage of the weaknesses just found and exploit them to gain access. Then erase the traces you left on the target system. Purpose: unauthorized access to the target system.

6. Document the vulnerabilities that can be attacked and propose security solutions for the target system. Consult the websites of the services in which you found vulnerabilities and update to the latest version.

THE END
