stand and deliver
play

Stand and deliver Essential Secutity Testing Tools Nils Magnus - PowerPoint PPT Presentation

Jan 27, 2023 •157 likes •441 views

secunet Stand and deliver Essential Secutity Testing Tools Nils Magnus FIRST Technical Colloquium 2003 Uppsala, Sweden, February 10 - 11, 2003 secunet Security Networks AG The Trust Company FIRST Technical Colloquium 2003, Uppsala, Sweden

  1. secunet Stand and deliver Essential Secutity Testing Tools Nils Magnus FIRST Technical Colloquium 2003 Uppsala, Sweden, February 10 - 11, 2003 secunet Security Networks AG The Trust Company FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  2. secunet Overview and Motivation � Incident handling is also Incident prevention � Assessing your constituency‘s security status may be helpful � Original motivation: Clients bugging me about „number of tools“ � Quite a lot security testing can be done with plain Unix tools � There are other „schools“: Cisco/netflow, Windows/scanners � Part 1: Introduction � Part 2: Top 10 attacking tools � (Part 3: Defending against most serious threats) � Part 4: Discussion about your favourite tools FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  3. secunet Hypothesis � Imagine you are going to Desert Island and you are allowed only 10 penetration testing tools � My hypothesis: That´s all you need � Presentation of my favorite TOP 10 tools � What they do, how they work, where to get them, what they obsolete ... � Discussion about your own favourites FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  4. secunet Tool 1: nmap � The network mapper and scanner, OS detection � written by Fyodor � latest version: 2.54 beta 33 as of 28/04/2002 � Homepage: http://www.insecure.org/nmap/ � Typical use: # nm # nm ap - ap - v v - - sT sT - - p80, 139 p80, 139 - - P0 P0 \ \ # # nm nm ap ap - - v v - - sT sT - - p80, 139 p80, 139 - - P0 P0 \ \ - - - - o o o o scan scan scan scan. . . t xt . t xt t xt t xt - - m - - m m m scan scan scan scan. . . dat . dat 192. 168. 13. 192/ 29 dat dat 192. 168. 13. 192/ 29 192. 168. 13. 192/ 29 192. 168. 13. 192/ 29 � obsoletes: cheops, ftp-scanner, bind-scanner, webscanner, (sing), ... FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  5. secunet nmap FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  6. secunet Tool 2: dig (or host) � Tells you all about DNS entries. Query hosts and bind versions. Date of installation. Zone transfers. Is an improvement of nslookup which is unusable. � written by ISC Internet Software Consortium � latest version: bundeled with bind � Homepage: http://www.isc.org/products/BIND/ � Typical use: # # di g # # di g di g @ di g @ @ @ 131. 246. 9. 116 131. 246. 9. 116 l i nuxt ag 131. 246. 9. 116 131. 246. 9. 116 l i nuxt ag l i nuxt ag. l i nuxt ag . . or g axf r . or g axf r or g axf r or g axf r � obsoletes: host, nslookup, dnsscan FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  7. secunet dig Getting a DNS zone Getting a DNS zone FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  8. secunet Tool 3: netcat � Multipurpose tcp stream sender and receiver. Programmable „telnet“. Bannergrabbing. Generic server. � written by Hobbit of @stake � latest version: 1.10 as of 20/03/1996 � Homepage: http://www.atstake.com/research/tools/ � Typical use: # ( echo # ( echo HEAD / HTTP/ 1. 0; HEAD / HTTP/ 1. 0; echo echo) | ) | \ \ # ( # ( echo echo HEAD / HTTP/ 1. 0; HEAD / HTTP/ 1. 0; echo echo ) | ) | \ \ net cat www. net cat www net cat www net cat www . . l i nuxt ag . l i nuxt ag l i nuxt ag. l i nuxt ag . . or g . or g or g 80 or g 80 80 80 � obsoletes: telnet, web browsers, ... FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  9. secunet Tool 4: whisker � Convenience tool to detect common vulnerabilities of web servers. Nice database of built-in patterns. Sensible scanning instead of brute force trial. � written by Rain Forest Puppy � latest version: 1.4 as of 03/08/2001 � Homepage: http://www.wiretrip.net/rfp/ � Typical use: # # whi sker # # whi sker whi sker - whi sker - - - vi h www vi h www vi h www vi h www. . . . l i nuxt ag l i nuxt ag l i nuxt ag l i nuxt ag. . . or g . or g or g or g � obsoletes: web browsers, specific scanner FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  10. secunet whisker Scan web servers Scan web servers FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  11. secunet Tool 5: Ethereal (with tcpdump) � Network sniffer, filtering, advanced protocol disassembly, TCP packet reassembly � written by Gerald Combs and team � latest version: 0.9.3 as of 30/03/2002 � Homepage: http://www.ethereal.com/ � Is based on the powerful pcap library, has both GUI and text frontend � obsoletes: (tcpdump), sniffit, several custom scanners, ... FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  12. secunet Ethereal Sniff and visualize Sniff and visualize FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  13. secunet Tool 6: ettercap � Allround tool for spoofing, sniffing and hijacking. Has both passive and active modes. Allows injection of own data in communication streams. Man-in-the-middle-attacks. Password collection for several protocols. � written by ALoR and NaGA � latest version: 0.6.5 as of 23/04/2002 � Homepage: http://ettercap.sourceforge.net/ � Typical use: Use ettercap to redirect traffic through your machine in a switched network and use Ethereal to read the passwords out of the streams. � obsoletes: cheops, ftp-scanner, bind-scanner, webscanner, ... FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  14. secunet ettercap Target Selection Target Selection FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  15. secunet ettercap Passive Scanning Passive Scanning FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  16. secunet ettercap Live Sniffing Live Sniffing FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  17. secunet Tool 7: spak � Generate custom packets of various network layers: Set strange TCP-Flags, Send UDP packets with bogus data boundaries. Forge source routed IP packets, with source routing and more. � written by Karyl F. Stein � latest version: 0.6b as of 02/03/1998 � Homepage: http://www.cs.purdue.edu/homes/steinfk/software/ � Typical use: # m # # # m m m aket cp aket cp $SRC $SRCP $DST $DSTP aket cp aket cp $SRC $SRCP $DST $DSTP $SRC $SRCP $DST $DSTP - $SRC $SRCP $DST $DSTP - - ss - ss ss - ss - - of - of of of . . / sam . . / . . / . . / sam sam sam pl e pl e_ pl e pl e _ _ _opt i ons opt i ons | opt i ons opt i ons | | | \ \ \ \ m m m m akei p akei p akei p akei p $SRC $DST $SRC $DST - $SRC $DST $SRC $DST - - - i i i - i - - - - sd - - - sd sd sd | | | | sendpacket sendpacket sendpacket sendpacket $DST $DST $DST - $DST - v - - v v v � obsoletes: arp-fun, nemesis, ... FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  18. secunet Tool 8: John the ripper � Multipurpose password cracker. Breaks old (DES) and new (MD5) Unix passwords, different types of Windows passwords from sam and from network sniffers, cisco passwords etc. � written by Solar Designer � latest version: 1.6.31-dev as of 03/03/2002 � Homepage: http://www.openwall.com/john/ � Typical use: # j ohn # j ohn - - r esum r esum e passwd. e passwd . gr abbed gr abbed # # j ohn j ohn - - r esum r esum e passwd e passwd . . gr abbed gr abbed � obsoletes: crack, l0phtcrack, ciscocrack, ... FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

  19. secunet Tool 9: OpenSSL � Create and fake certificates. Encrypt and decrypt DES, 3DES, Blowfish, IDEA, AES, ... Talk SSL/TLS to encrypted webservers. � written by OpenSSL project team � latest version: 0.9.6c as of 22/12/2001 � Homepage: http://www.openssl.org/ � Typical use: # ( echo # ( echo HEAD / HTTP/ 1. 0; HEAD / HTTP/ 1. 0; echo echo) | ) | \ \ # ( # ( echo echo HEAD / HTTP/ 1. 0; HEAD / HTTP/ 1. 0; echo echo ) | ) | \ \ openssl openssl openssl openssl s_cl i ent s_ s_ s_ cl i ent cl i ent - cl i ent - connect www - - connect www. connect www connect www . . l i nuxt ag . l i nuxt ag l i nuxt ag. l i nuxt ag . or g . . or g or g: 443 or g : 443 : 443 : 443 � Library version is built into some tools like ettercap FIRST Technical Colloquium 2003, Uppsala, Sweden Stand and Deliver: Essential Security Testing Tools Nils Magnus

Recommend

Stand & Deliver: Tips for Delivering Effective Presentations U.S. EPA Community Involvement

Stand & Deliver: Tips for Delivering Effective Presentations U.S. EPA Community Involvement

Stand & Deliver: Tips for Delivering Effective Presentations U.S. EPA Community Involvement University CIU Presents Webinar January 14 and 15, 2020 Presented by: Pamela (Pam) Avery, AveryMassey, LLC pam@averymassey.com Introduction Pam

667 views • 48 slides
Stand and Deliver: Presentation Skills for RPMS Taylor Jones CulturePoint LLC 26 th NARPM

Stand and Deliver: Presentation Skills for RPMS Taylor Jones CulturePoint LLC 26 th NARPM

Stand and Deliver: Presentation Skills for RPMS Taylor Jones CulturePoint LLC 26 th NARPM Training Program Course Objectives To understand how people evaluate presentations To review best practices for presentations To develop a

1.08k views • 38 slides
Stand and Deliver: Presentation Skills Taylor Jones CulturePoint, LLC Course Objectives To

Stand and Deliver: Presentation Skills Taylor Jones CulturePoint, LLC Course Objectives To

2020 OSC 2020 OSC Acade Academy my Stand and Deliver: Presentation Skills Taylor Jones CulturePoint, LLC Course Objectives To understand how people evaluate presentations To review best practices for presentations To develop a

500 views • 38 slides
Stand and deliver! Your money or your data. James Burchell Sophos Security Specialist Endpo

Stand and deliver! Your money or your data. James Burchell Sophos Security Specialist Endpo

Stand and deliver! Your money or your data. James Burchell Sophos Security Specialist Endpo Endpoin int sec secur urit ity has r has reac eached a hed a ti tipping po poin int Trumpings on Cyber Now the cyber is so big and you

509 views • 29 slides
9/3/2020 Pretest What does NRS stand for? What does EFL stand for? What does PoP stand

9/3/2020 Pretest What does NRS stand for? What does EFL stand for? What does PoP stand

9/3/2020 Pretest What does NRS stand for? What does EFL stand for? What does PoP stand for? When does a new PoP begin? Why do we collect data on barriers to employment? What is the difference between a reportable individual

397 views • 5 slides
How to Deliver The Ultimate Agent Presentation! What have we learned so far in the previous

How to Deliver The Ultimate Agent Presentation! What have we learned so far in the previous

How to Deliver The Ultimate Agent Presentation! What have we learned so far in the previous webinar How to get the attention of decision makers for new business. Obtain more business from existing relationships. Stand out from

465 views • 21 slides
Telehealth in Wyoming Where We Now Stand James F. Bush, MD, MACP Wyoming Medicaid Medical

Telehealth in Wyoming Where We Now Stand James F. Bush, MD, MACP Wyoming Medicaid Medical

Telehealth in Wyoming Where We Now Stand James F. Bush, MD, MACP Wyoming Medicaid Medical Director August 30,2019 What is Telehealth? Telehealth is the use of technology to deliver healthcare, health information, or health education at a

475 views • 25 slides
S chool Rove r STAND AND DELIVER TALA MORSEU FONT The weeks in Term 3 are flashing by and almost

S chool Rove r STAND AND DELIVER TALA MORSEU FONT The weeks in Term 3 are flashing by and almost

A jug fills drop by drop. Issue 13, Aug. 27, 2010 Buddha ACN 063049669 Maher Road, P. O. Box 771, Gordonvale, North Queensland 4865 tel: (07) 40433777 fax: (07) 40566111 email:

399 views • 8 slides
Cyber Cybersecurity security Wher here do w e do we stand? e stand? HUMAN HUMAN FACT

Cyber Cybersecurity security Wher here do w e do we stand? e stand? HUMAN HUMAN FACT

Cyber Cybersecurity security Wher here do w e do we stand? e stand? HUMAN HUMAN FACT CTOR OR Hussein Hassanali Chief Information Security Officer, Bank AL Habib Limited & President, ISACA Karachi Chapter UBL Funds Culture

376 views • 19 slides
How to Stand Out from the Crowd on How to Stand Out from the Crowd on LinkedIn LinkedIn Maureen

How to Stand Out from the Crowd on How to Stand Out from the Crowd on LinkedIn LinkedIn Maureen

How to Stand Out from the Crowd on How to Stand Out from the Crowd on LinkedIn LinkedIn Maureen Coogan April 7, 2020 Objectives Objectives Create a professional profile on the LinkedIn platform Detail the different methods to

833 views • 25 slides
Ma Mark 1 k 12:30-31 31 I I STAN STAND D AM AMAZED AZED I I stand d ama mazed d in

Ma Mark 1 k 12:30-31 31 I I STAN STAND D AM AMAZED AZED I I stand d ama mazed d in

Ma Mark 1 k 12:30-31 31 I I STAN STAND D AM AMAZED AZED I I stand d ama mazed d in the pr presenc nce Of Of J Jesus us the the Na Nazarene ne And wonde And w onder how how H He c could ould love love m me A s A

1.3k views • 107 slides
Pilot Sit-Stand Workstation- Tools to Sell 1 6 Pilot-Value Proposition The Pilot

Pilot Sit-Stand Workstation- Tools to Sell 1 6 Pilot-Value Proposition The Pilot

Pilot Sit-Stand Workstation- Tools to Sell 1 6 Pilot-Value Proposition The Pilot Sit-Stand Workstation is the only ergonomic rear-mounted sit- stand height adjustable workstation that meets the ANSI/BIFMA and HFES requirements with

1.34k views • 27 slides
West Elkton Friends Meeting August 4, 2019 Stand to sing if able #181 Stand by Me New Socks A

West Elkton Friends Meeting August 4, 2019 Stand to sing if able #181 Stand by Me New Socks A

Welcome to West Elkton Friends Meeting August 4, 2019 Stand to sing if able #181 Stand by Me New Socks A Publishers Weekly Top 10 in Religion selection. This is nothing less than the gospel itselfa much - needed book. FR.

949 views • 40 slides
PRESENT LIKE A PRO HOW TO CREATE AND DELIVER HI-IMPACT PRESENTATIONS THE MOST EFFECTIVE WAY TO

PRESENT LIKE A PRO HOW TO CREATE AND DELIVER HI-IMPACT PRESENTATIONS THE MOST EFFECTIVE WAY TO

PRESENT LIKE A PRO HOW TO CREATE AND DELIVER HI-IMPACT PRESENTATIONS THE MOST EFFECTIVE WAY TO CRAFT WORLD - CLASS PRESENTATIONS AND DELIVER THEM CONFIDENTLY This course provides guidelines and best practices to prepare and deliver captivating

312 views • 3 slides
What do we believe about collaboration? 1 Stand and Declare Collaboration with

What do we believe about collaboration? 1 Stand and Declare Collaboration with

Community Engagement USBC Summer Pre Institute Washington DC Tom Wolff Ph.D. Tom Wolff & Associates Stand and Declare What do we believe about collaboration? 1 Stand and Declare Collaboration with representatives from all parts

693 views • 29 slides
Adversity is sometimes hard upon a man; but for one man who can stand prosperity, there are a

Adversity is sometimes hard upon a man; but for one man who can stand prosperity, there are a

Adversity is sometimes hard upon a man; but for one man who can stand prosperity, there are a hundred who will stand adversity. Thomas Carlyle Not every man can carry a full cup. J. Oswald Sanders When two full years had passed,

657 views • 47 slides
162 163 Si Sit/St t/Stand and Assessm Assessmen ent 5x sit/stand test 60 69 y/o 11.4 sec

162 163 Si Sit/St t/Stand and Assessm Assessmen ent 5x sit/stand test 60 69 y/o 11.4 sec

162 163 Si Sit/St t/Stand and Assessm Assessmen ent 5x sit/stand test 60 69 y/o 11.4 sec 70 79 y/o 12.6 sec 80 89 y/o 14.8 sec 164 Tw Two Mi Minute te St Step ep in in Place Place Te Test Ri Rikl kli RE, E, Jones Jones CJ

429 views • 7 slides
Deliver national, think local Nicola Mcleod, Supply Chain & Operations Manager Deliver

Deliver national, think local Nicola Mcleod, Supply Chain & Operations Manager Deliver

Deliver national, think local Nicola Mcleod, Supply Chain & Operations Manager Deliver national, think local Establishing a high-quality, scalable supply chain to deliver across Scotland Introduction to Warmworks Founded in 2015, Warmworks

469 views • 12 slides
the RAL Front End Test Stand David Lee Outline The RAL Front End Test Stand The Need for

the RAL Front End Test Stand David Lee Outline The RAL Front End Test Stand The Need for

A Laser-Based Beam Density Distribution Diagnostic for the RAL Front End Test Stand David Lee Outline The RAL Front End Test Stand The Need for Non-Destructive, Non-Interceptive Diagnostics Laser-Based H Beam Diagnostics: Basic Principle

787 views • 30 slides
SMART GOVERNMENT INVOICING: INVOICE PROCESSING PLATFORM LEAD. TRANSFORM. DELIVER LEAD. TRANSFORM.

SMART GOVERNMENT INVOICING: INVOICE PROCESSING PLATFORM LEAD. TRANSFORM. DELIVER LEAD. TRANSFORM.

SMART GOVERNMENT INVOICING: INVOICE PROCESSING PLATFORM LEAD. TRANSFORM. DELIVER LEAD. TRANSFORM. DELIVER LEAD. TRANSFORM. DELIVER LEAD. TRANSFORM. DELIVER LEAD. TRANSFORM. DELIVER LEAD. TRANSFORM. DELIVER Introductions Presenter Organization

752 views • 35 slides
UNSW Engineering Scholarships Presentation 13 May 2015 Never Engineering Stand Still Order

UNSW Engineering Scholarships Presentation 13 May 2015 Never Engineering Stand Still Order

UNSW Engineering Scholarships Presentation 13 May 2015 Never Engineering Stand Still Order of Proceedings Q: What does M in MRI scan stand for? Q: A team of fjve biomedical engineers in Edinburgh, Scotland created the fjrst working bionic

313 views • 5 slides
Sun Tan Oil: Never a summer without the classical tanning oil, Amatoury infuses its own version

Sun Tan Oil: Never a summer without the classical tanning oil, Amatoury infuses its own version

Sun Tan Oil: Never a summer without the classical tanning oil, Amatoury infuses its own version with concentrated amounts of Carrot Oil and Vitamin E to stand out as one of the fastest waterproof products to deliver a deep even tan and a

207 views • 6 slides
VETERANS STAND DOWN 2019 OUTCOMES PRESENTATION BY SHALIMAR T. CABRERA EXECUTIVE DIRECTOR,

VETERANS STAND DOWN 2019 OUTCOMES PRESENTATION BY SHALIMAR T. CABRERA EXECUTIVE DIRECTOR,

VETERANS STAND DOWN 2019 OUTCOMES PRESENTATION BY SHALIMAR T. CABRERA EXECUTIVE DIRECTOR, U.S.VETS LAS VEGAS CHAIR, LAS VEGAS VETERANS STAND DOWN Las Vegas Veterans Stand Down 2019 PROGRAMMING : Client-centered approach Service

377 views • 14 slides
President NW TN Angel Fund, LLC Stand up if you know where you want that business to be in 5

President NW TN Angel Fund, LLC Stand up if you know where you want that business to be in 5

Frank Holbrook President NW TN Angel Fund, LLC Stand up if you know where you want that business to be in 5 years Stand up if you know where you want that business to be in 10 years Stand up if you know where you want that business to be

811 views • 45 slides

More recommend