san francisco chapter san francisco chapter
play

San Francisco Chapter San Francisco Chapter Presented by: AAA - PowerPoint PPT Presentation

Feb 21, 2024 •49 likes •969 views

San Francisco Chapter San Francisco Chapter Presented by: AAA Northern California, Nevada & Utah Derek Koopowitz IT Audit Manager Norm Gutierrez IT Audit Specialist Infrastructure Vulnerability Assessment Infrastructure

  1. San Francisco Chapter San Francisco Chapter Presented by: AAA Northern California, Nevada & Utah Derek Koopowitz – IT Audit Manager Norm Gutierrez – IT Audit Specialist

  2. Infrastructure Vulnerability Assessment Infrastructure Vulnerability Assessment Agenda Agenda  What Is A Vulnerability Assessment?  Vulnerability Assessment Process  Business Case For A Vulnerability Assessment  Footprinting  Testing Network Security  Testing Operating System and Web Application Security  Testing Database Security  Vulnerability Management  Q & A San Francisco Chapter San Francisco Chapter

  3. What Is A Vulnerability Assessment? Generally called Ethical Hacking or Network Penetration testing. Another term used these days is Red Teaming. Essentially we are trying to detect network and system vulnerabilities and to test security by taking an “attacker” like approach in order to gain access. We want to enhance security in our infrastructure and a VA is a great way to accomplish that goal. San Francisco Chapter San Francisco Chapter

  4. What Is A Vulnerability Assessment? (cont’d) A vulnerability assessment is being proactive. It determines one’s susceptibility to an attack before the infrastructure is exploited, and it forces companies to take early corrective action (hopefully). It can show the consequences of an attack to your organization. San Francisco Chapter San Francisco Chapter

  5. Vulnerability Assessment Process  Impartial assessment - should not be done by IT (fox guarding the hen house)  Customer consent must be obtained  Define the scope – general or specific depending on cost/time. Areas to test can be: ◦ Internet security (port scanning, password cracking, etc.) ◦ Communications security (VM testing, modem testing, etc.) ◦ Information security (privacy, etc.) ◦ Social engineering ◦ Wireless security ◦ Physical security (access controls, etc.) San Francisco Chapter San Francisco Chapter

  6. Business Case For A Vulnerability Assessment  Protect the crown jewels (data)  Comply with Federal/State laws such as SOX, HIPAA and Privacy  Comply with vendor requirements such as PCI  Avoiding unneeded publicity for your company (i.e. TJ Maxx, ChoicePoint)  Preparing For Potential Infrastructure Breach  Independent Assessment San Francisco Chapter San Francisco Chapter

  7. Footprinting Layman’s term is reconnaissance. This is the information gathering aspect of the VA – obtain all system and user information to understand the environment. Use this information to execute local and remote attacks. Reduces the risk of being discovered. San Francisco Chapter San Francisco Chapter

  8. Footprinting (cont’d) Methodology used:  Publicly available information ◦ Company web pages ◦ SEC Edgar ◦ Search sites (Yahoo, Google, etc.) ◦ Usenet ◦ Job postings San Francisco Chapter San Francisco Chapter

  9. Footprinting (cont’d) Methodology used:  Internet footprinting ◦ Whois ◦ ARIN ◦ Traceroute ◦ NSLookup San Francisco Chapter San Francisco Chapter

  10. Footprinting (cont’d) Methodology used:  Scanning ◦ Port scanning (ping sweep, etc.) ◦ Network scanning (nmap, Superscan, etc.) ◦ Vulnerability scanning (Nessus, Satan, etc.) ◦ Wardialing (Phonescan, Toneloc, etc.) ◦ Banner grabbing San Francisco Chapter San Francisco Chapter

  11. Testing Network Security  Why test the network  What is the objective of testing  Risks associated with not testing  How to test the network San Francisco Chapter San Francisco Chapter

  12. Testing Operating System and Web Application Security  Why test OS and application security  What is the objective of testing  Risks associated with not testing  How to test the OS and application San Francisco Chapter San Francisco Chapter

  13. Testing Database Security  Why test database security  What is the objective of testing  Risks associated with not testing  How to test database security San Francisco Chapter San Francisco Chapter

  14. Infrastructure Vulnerability Assessment Computer Networks  Presentation ◦ Protocol Models ◦ Communication Components and Devices ◦ Infrastructure Attacks ◦ Infrastructure Vulnerabilities ◦ Passive Attacks  Demonstration ◦ Sniff Passwords Over a Network ◦ Sniff Passwords Over a Wireless Network  Q & A San Francisco Chapter San Francisco Chapter

  15. Protocol Models Communication Architecture and Protocols ISO’s OSI Model  DARPA’s TCP/IP Model  Acronyms ISO - International Organization for Standardization  OSI - Open Systems Interconnection  DARPA - Defense Advanced Research Projects Agency  TCP - Transmission Control Protocol  IP - Internet Protocol  San Francisco Chapter San Francisco Chapter

  16. OSI Model OSI is a computer-communications architecture that uses layering. Each layer performs a related subset of the functions required to communicate with another system. It relies on the next lower layer to perform more primitive functions and to conceal the details of those functions. San Francisco Chapter San Francisco Chapter

  17. Seven Layers Of The ISO/OSI Model San Francisco Chapter San Francisco Chapter

  18. OSI Seven Layers And Function Physical - Deals with electrical and mechanical procedures (bits) to establish,  maintain, deactivate physical links Data Link – Sends blocks (frames) of data across physical link providing flow  control and error recovery Network – Provides upper layers with independence from data transmission  and switching technologies Transport – Provides reliable, transparent transfer of data between end  points, flow control and error recovery Session – Provides controls structure for communication between cooperating  applications Presentation – Performs generally useful transformations on data to provide a  standardized application interface and to provide common communications services; encryption, text, compression, reformatting Application – Provides services to users. Defines network applications to perform tasks such as file transfer, e-mail, network management  San Francisco Chapter San Francisco Chapter

  19. OSI Relationship With TCP/IP Protocol Suite  OSI is a reference to protocols, specifically ISO standards, for the interconnection of cooperative computer systems  TCP/IP is a type of OSI protocol  When referring to ISO standards, TCP/IP is not an OSI protocol (i.e., TP-0,TP-1) San Francisco Chapter San Francisco Chapter

  20. OSI Layer Mapped To TCP/IP Mapped To Protocols San Francisco Chapter San Francisco Chapter

  21. TCP/IP Background  TCP/IP Protocol Suite resulted from research funded by DARPA  The protocol suite was designed to foster communication between computers: With diverse hardware architectures ◦ To accommodate multiple computer operating systems ◦ Using any packet switched network ◦ San Francisco Chapter San Francisco Chapter

  22. TCP/IP Background (cont’d)  TCP/IP Protocol Suite Provides Three Conceptual Sets of Internet Services Application Services ◦ Reliable Transport Service (TCP) ◦ Connectionless Packet Delivery (UDP) ◦ Note: User Datagram Protocol (UDP) San Francisco Chapter San Francisco Chapter

  23. IP Datagram Anatomy  TCP/IP’s Basic Transfer Unit is an IP IP Datagram Datagram Fields VER - Version HLEN – Header Length Service Type Length ID, Flags, and Flags Offset TTL – Time To Live Protocol Protocol Header Checksum Source IP Address Source IP Address Destination IP Address Destination IP Address IP Options Padding Data San Francisco Chapter San Francisco Chapter

  24. TCP Anatomy TCP Packet Segment Format TCP Packet Segment Format Source Port  Destination Port  Sequence Number  Acknowledgement Number  HLEN  Reserved  Code Bits  Window  Checksum  Urgent Pointer  Options (IF ANY)  Padding  Data  San Francisco Chapter San Francisco Chapter

  25. UDP Anatomy UDP Packet Segment Format UDP Packet Segment Format Source Port  Destination Port  Length  Checksum  Data  San Francisco Chapter San Francisco Chapter

  26. Communication Components  Packet - A physical message unit entity that passes through a network sending and receiving data between two computers ◦ It usually contains only a few hundred bytes of data ◦ Carries identification that enables computers on the network to know whether it is destined for them or how to send it on to its correct destination  Networks - Packet-Switched Networks San Francisco Chapter San Francisco Chapter

  27. Packet Switched Network Technologies Some examples are:  MPLS – Multiprotocol Layer Switching  Ethernet  X.25  Frame Relay San Francisco Chapter San Francisco Chapter

  28. Network Devices  Hubs  Switches  Routers  Firewalls San Francisco Chapter San Francisco Chapter

  29. Hubs  Operates at Layer 1 (Physical) of the OSI model  Forwards packets by simply broadcasting to every port  Does not look at address information  Floods incoming packets to every port  Each port is the same collision domain  Each port shares the available bandwidth and hosts must contend for access San Francisco Chapter San Francisco Chapter

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Whats New Donald E. Hester San Francisco Chapter For updates to this slide deck and other

Whats New Donald E. Hester San Francisco Chapter For updates to this slide deck and other

San Francisco Chapter Whats New Donald E. Hester San Francisco Chapter For updates to this slide deck and other slide decks please see: http://www.learnsecurity.org/Shared%20Documents /Forms/AllItems.aspx San Francisco Chapter San

650 views • 41 slides
Welcome by the San Francisco Chapter: Philipp Barmettler President SACCSF

Welcome by the San Francisco Chapter: Philipp Barmettler President SACCSF

Welcome by the San Francisco Chapter: Philipp Barmettler President SACCSF (philipp.barmettler@gmail.com) Welcome by the San Francisco Chapter: Philipp Barmettler President SACCSF philipp.barmettler@gmail.com Lukas Peter Andreas Jossen

434 views • 29 slides
City and County of San Francisco City and County of San Francisco San Francisco Planning

City and County of San Francisco City and County of San Francisco San Francisco Planning

City and County of San Francisco City and County of San Francisco San Francisco Planning Department San Francisco Planning Department Summary Presentation on Draft Program Environmental Impact Report for the San Francisco Public Utilities

688 views • 42 slides
Introduction to Automated Controls Jay Swaminathan San Francisco Chapter Agenda Defining

Introduction to Automated Controls Jay Swaminathan San Francisco Chapter Agenda Defining

Introduction to Automated Controls Jay Swaminathan San Francisco Chapter Agenda Defining Automated Controls The Value of Automated Controls Common Testing Approaches ITGC considerations The Concept of Benchmarking

395 views • 26 slides
Chapter 13 Chapter 13 1 What is this? Chapter 13 2 What is this? Chapter 13 3 What is

Chapter 13 Chapter 13 1 What is this? Chapter 13 2 What is this? Chapter 13 3 What is

Chapter 13 Chapter 13 1 What is this? Chapter 13 2 What is this? Chapter 13 3 What is this? Uncertainty Chapter 13 4 Outline Uncertainty Probability Syntax and Semantics Inference Independence and Bayes Rule

688 views • 37 slides
AFSP Greater San Francisco Bay Area Chapter AFSP Save Lives and Bring Hope to Those Affected

AFSP Greater San Francisco Bay Area Chapter AFSP Save Lives and Bring Hope to Those Affected

AFSP Greater San Francisco Bay Area Chapter AFSP Save Lives and Bring Hope to Those Affected by Suicide. AFSP Our Work Research AFSP is the largest private funder of research Legislative Advocacy State/Federal levels Education

536 views • 16 slides
Guidelines for Planning an IS Audit Agenda Session Objectives Information Systems Audit

Guidelines for Planning an IS Audit Agenda Session Objectives Information Systems Audit

San Francisco Chapter San Francisco Chapter Guidelines for Planning an IS Audit Agenda Session Objectives Information Systems Audit Planning and Scoping Understanding Business Requirements Knowledge of the Organization

596 views • 32 slides
Benchmarking Automated Controls Vijay Venkatesh, IT Audit Lead Carrie Gilstrap, IT Audit Manager

Benchmarking Automated Controls Vijay Venkatesh, IT Audit Lead Carrie Gilstrap, IT Audit Manager

Benchmarking Automated Controls Vijay Venkatesh, IT Audit Lead Carrie Gilstrap, IT Audit Manager Brad Ames, Internal Audit Director Hewlett-Packard Company San Francisco Chapter San Francisco Chapter Premise for Continuous Monitoring

879 views • 70 slides
Introduction to Change Introduction to Change Management Management Tuesday, September 23, 2008

Introduction to Change Introduction to Change Management Management Tuesday, September 23, 2008

San Francisco Chapter San Francisco Chapter Introduction to Change Introduction to Change Management Management Tuesday, September 23, 2008 Mark Lundin Steve Owyoung Partner Manager KPMG LLP, IT Advisory KPMG LLP, IT

835 views • 37 slides
Deborah Grove, Principal Grove-Associates Why Green IT is Important Why Green IT is Important

Deborah Grove, Principal Grove-Associates Why Green IT is Important Why Green IT is Important

San Francisco Chapter San Francisco Chapter Deborah Grove, Principal Grove-Associates Why Green IT is Important Why Green IT is Important 1. The energy consumed by servers in the US (and associated air -conditioning) is equivalent to the

369 views • 21 slides
Regulation versus Regulation versus Reality Reality Regulatory Compliance should not be the

Regulation versus Regulation versus Reality Reality Regulatory Compliance should not be the

San Francisco Chapter San Francisco Chapter Regulation versus Regulation versus Reality Reality Regulatory Compliance should not be the goal of an Information Security program - it should be the result. Introduction Introduction (thanx

726 views • 58 slides
SAN FRANCISCO HEALTH REFORM TASK FORCE FINAL REPORT Presentation to the San Francisco Health

SAN FRANCISCO HEALTH REFORM TASK FORCE FINAL REPORT Presentation to the San Francisco Health

SAN FRANCISCO HEALTH REFORM TASK FORCE FINAL REPORT Presentation to the San Francisco Health Commission April 19, 2011 Tangerine Brigham, Deputy Director of Health/Director of Healthy San Francisco, San Francisco Department of Public Health

381 views • 17 slides
Major Themes of 7-12 the horror of human evil, particularly as it is concentrated in the state

Major Themes of 7-12 the horror of human evil, particularly as it is concentrated in the state

Chapter 2Nebuchadnezzars Dream Chapter 3Blazing Furnace Chapter 4Nebuchadnezzar worships God Chapter 5Belshazzar mocks God Chapter 6Lions Chapter 7Daniels Dream Questions: What will we do with

488 views • 13 slides
High Risk Emergency Medicine San Francisco May 21-24, 2014 Westin Market Street San Francisco,

High Risk Emergency Medicine San Francisco May 21-24, 2014 Westin Market Street San Francisco,

Presented by the Department of Emergency Medicine at San Francisco General Hospital and University of California, San Francisco High Risk Emergency Medicine San Francisco May 21-24, 2014 Westin Market Street San Francisco, CA Course Chairs:

297 views • 13 slides
Francisco de Goya and the Mirrors Reflection Andrea Blanco Francisco Goya, Los Caprichos, pl.

Francisco de Goya and the Mirrors Reflection Andrea Blanco Francisco Goya, Los Caprichos, pl.

Francisco de Goya and the Mirrors Reflection Andrea Blanco Francisco Goya, Los Caprichos, pl. 55: Hasta la muerte , Etching, 1794-1799 Diego Velazquez, The Toilet of Venus (The Rokeby Venus) , Oil on Canvas, Francisco Goya, Nude Woman

640 views • 7 slides
San Francisco San Francisco Draft Rate Application Funding the SF Recycling Program and

San Francisco San Francisco Draft Rate Application Funding the SF Recycling Program and

San Francisco San Francisco Draft Rate Application Funding the SF Recycling Program and Pursuing Zero Waste by 2020 80 Percent Diversion Rate in SF San Francisco customers are recycling and composting more and use of the black bin is

430 views • 19 slides
Tulsa Community College Library Services and Programs Assessment Plan May 15, 2018 Final

Tulsa Community College Library Services and Programs Assessment Plan May 15, 2018 Final

Tulsa Community College Library Services and Programs Assessment Plan May 15, 2018 Final Revision, August 9, 2018 Adam Brennan Amanda Ross Bob Holzmann (chair) (Jao-Ming Huang) Josh Barnes (Megan Donald) Stephanie Ingold (management

242 views • 21 slides
The Swift Gamma-Ray Burst Mission -- Science and Data Analysis Hans A. Krimm CRESST / USRA /

The Swift Gamma-Ray Burst Mission -- Science and Data Analysis Hans A. Krimm CRESST / USRA /

The Swift Gamma-Ray Burst Mission -- Science and Data Analysis Hans A. Krimm CRESST / USRA / NASA Goddard Space Flight Center July 29, 2008 Urbino 2008: High Energy Astrophysics Summer School Outline The Swift mission

651 views • 54 slides
Axib ibase Tim ime Series Database Axib ibase Tim ime Series Database Axibase Time-Series

Axib ibase Tim ime Series Database Axib ibase Tim ime Series Database Axibase Time-Series

Axib ibase Tim ime Series Database Axib ibase Tim ime Series Database Axibase Time-Series Database (ATSD) is a clustered non-relational database for the storage of various information coming out of the IT infrastructure. ATSD is specifically

739 views • 54 slides
Introduction About Flow Unix Beginning Analysis Basic SiLK Tools rwfilter Printing and

Introduction About Flow Unix Beginning Analysis Basic SiLK Tools rwfilter Printing and

Introduction About Flow Unix Beginning Analysis Basic SiLK Tools rwfilter Printing and Sorting Tools Counting Tools Other Tools Advanced Sets Bags Prefix Maps Unix Scripting Visualization Basic Graphs Excel Gnuplot Advanced

1.8k views • 140 slides
Business I ntelligence Development at Winnipeg Transit Bill Menzies Senior Transit Planner,

Business I ntelligence Development at Winnipeg Transit Bill Menzies Senior Transit Planner,

I TS Canada Webinar February 28, 2013 Business I ntelligence Development at Winnipeg Transit Bill Menzies Senior Transit Planner, Dillon Consulting Limited Manager of Service Development, Winnipeg Transit (formerly) Transit Service Management

489 views • 25 slides
Linux Under the Hood Manual Pages & Info Pages Distribution Differences Package

Linux Under the Hood Manual Pages & Info Pages Distribution Differences Package

Linux Under the Hood Manual Pages & Info Pages Distribution Differences Package Management Startup and Shutdown Pesky Permissions Common/Useful Tools and Services cron find rsync Manual Pages & Info Pages

238 views • 23 slides
>>>CLICK HERE<<< How to give a business plan presentation Yukon. guidelines for

>>>CLICK HERE<<< How to give a business plan presentation Yukon. guidelines for

How To Give A Business Plan Presentation How to give a business plan presentation Elliot Lake argument topics to write about for an essay bowdoin common good essay new york local weather report. How to give a business plan presentation

63 views • 4 slides
Introduction to Interactive Tools A Three Layer Framework for SilvacoTCAD Automation Tools

Introduction to Interactive Tools A Three Layer Framework for SilvacoTCAD Automation Tools

Introduction to Interactive Tools A Three Layer Framework for SilvacoTCAD Automation Tools Automation Tools Database Sensitivity Worksheet RSM Generation Manager Analysis Editor An Automated system for high throughput simulation based

439 views • 18 slides

More recommend