SANS SEC560 | OnDemand Online Training

IMPORTANT - BRING YOUR OWN LAPTOP WITH WINDOWS

To get the most value out of this course, students are required to bring their own laptop so that they can connect directly to the workshop network we will create. It is the students' responsibility to make sure the system is properly configured with all drivers necessary to connect to an Ethernet network. Some of the course exercises are based on Windows, while others focus on Linux. VMware Player or VMware Workstation is required for the class. If you plan to use a Macintosh, please make sure you bring VMware Fusion, along with a Windows guest virtual machine.

Windows

You are required to bring Windows 1. Professional, Enterprise, or Ultimate), Windows 7 (Professional, Enterprise, or Ultimate), Windows Vista (Business, Enterprise, or Ultimate) or Windows 2. Server, either a real system or a virtual machine. The course includes a VMware image file of a guest Linux system that is larger than 3 GB. Therefore, you need a file system with the ability to read and write files that are larger than 2 GB, such as NTFS on a Windows machine.

IMPORTANT NOTE: You will also be required to disable your anti-virus tools temporarily for some exercises, so make sure you have the anti-virus administrator permissions to do so. DO NOT plan on just killing your anti-virus service or processes, because most anti-virus tools still function, even when their associated services and processes have been terminated. For many enterprise-managed clients, disabling your anti-virus tool may require a different password than the Administrator account password. Please bring that administrator password for your anti-virus tool. Enterprise VPN clients may interfere with the network configuration required to participate in the class.
If your system has an enterprise VPN client installed, you may need to uninstall it for the exercises in class.

VMware

You will use VMware to run Windows and Linux operating systems simultaneously when performing exercises in class. You must have either the free VMware Player 6 or later or the commercial VMware Workstation 1. You can download VMware Player for free here. Alternatively, if you want a more flexible and configurable tool, you can download a free 3. VMware Workstation here. VMware will send you a time-limited license number for VMware Workstation if you register for the trial on their website. No license number is required for VMware Player. We will give you a USB full of attack tools to experiment with during the class and to take home for later analysis. We will also provide a Linux image with all of our tools pre-installed that runs within VMware Player or VMware Workstation.

Linux

You do not need to bring a Linux system if you plan to use our Linux image in VMware. However, you are required to bring VMware Workstation, VMware Player or VMware Fusion. The class does not support VirtualBox, Virtual PC, or other non-VMware virtualization products.

Mandatory Laptop Hardware Requirements

x. GHz CPU minimum or higher; 4 GB RAM minimum with 8 GB or higher recommended; Ethernet adapter (a wired connection is required in class; if your laptop supports only wireless, please make sure to bring a USB Ethernet adapter with you); 1. GB available hard-drive space.
Any Service Pack level is acceptable for Windows 1. Windows 7 or Windows Vista.

During the workshop, you will be connecting to one of the most hostile networks on Earth! Your laptop might be attacked. Do not have any sensitive data stored on the system. SANS is not responsible for your system if someone in the class attacks it in the workshop. By bringing the right equipment and preparing in advance, you can maximize what you will see and learn, as well as have a lot of fun. If you have additional questions about the laptop specifications, please contact laptop_prep@sans.

Hacking with Kali: Practical Penetration Testing Techniques

The following is an excerpt from the book Hacking with Kali: Practical Penetration Testing Techniques written by authors James Broad and Andrew Bindner and published by Syngress. This section from chapter six explains the five phases of the penetration testing lifecycle: reconnaissance, scanning, exploitation, maintaining access and reporting.

Introduction to the lifecycle

Most people assume that all a penetration tester, or hacker, needs to do is sit down in front of a computer and begin typing an obscure string of code and, voila, any computer in the world is instantly opened. This stereotype, based in Hollywood legend, is far from the truth. Professionals in this field are very meticulous in the approach used when uncovering and exploiting vulnerabilities in computer systems. Over time a proven framework has emerged that is used by professional ethical hackers. The four phases of this framework guide the penetration tester through the process of empirically exploiting information systems in a way that results in a well-documented report that can be used if needed to repeat portions of the testing engagement. This process not only provides a structure for the tester but also is used to develop high-level plans for penetration testing activities. Each phase builds on the previous step and provides detail to the step that follows.
While the process is sequential, many testers return to earlier phases to clarify discoveries and validate findings.

The first four steps in the process have been clearly defined by Patrick Engebretson in his book The Basics of Hacking and Penetration Testing. These steps are Reconnaissance, Scanning, Exploitation, and Maintaining Access. This book uses these same steps but expands Patrick's work with an additional step, Reporting. Additionally, when compared to the five-phase process defined by EC-Council in its popular Certified Ethical Hacking (C|EH) course, many may notice that the final phase of that process, Covering Tracks, is missing. This was done intentionally to focus on the earlier phases and include a chapter on reporting, a topic that is omitted from many books on this subject. This book also differs from the earlier book by removing the cyclic illustration of the lifecycle and replacing it with a more linear illustration that matches what an ethical hacker would normally encounter in a normal engagement. This would begin with reconnaissance of the target information system and end with the penetration tester or test team lead briefing the information systems leadership and presenting the report of what was discovered. This linear process is illustrated in Figure 5.

A basic view of each of the phases will be drawn out in this chapter and a more extensive description will be made in the chapters devoted to each phase. In addition to the description, common tools for each phase will be introduced in the coming chapters. In this way the reader will not only understand the phases of the lifecycle but also have a view under the hood of what tools are most likely to be used first by engineers in this field of security. These chapters will introduce the reader to the tools but will not be exhaustive and really only scratch the surface of what each tool or technique can do to assist in conducting these types of tests.
Many of the tools or techniques have entire books (sometimes many books) devoted to their correct use and application.

Phase 1: Reconnaissance

In a small room with dim lights, analysts and officers scan and inspect maps of hostile territory. Across the room others watch television channels across the globe, frantically taking notes. The final group in this room prepares a detailed assessment of everything about the target being investigated. While this scenario details what would normally be done in a military reconnaissance of a possible target, it is analogous to what the penetration tester will do during the reconnaissance phase of the penetration testing lifecycle.

This illustrates the type of work done during the reconnaissance phase of the pentesting lifecycle. This phase focuses on learning anything and everything about the network and organization that is the target of the engagement. This is done by searching the Internet and conducting passive scans of the available connections to the target's network. In this phase, the tester does not actually penetrate the network defenses but rather identifies and documents as much information about the target as possible.

Phase 2: Scanning

Imagine a hilltop deep behind enemy lines, where a single soldier crouches hidden among a thicket of bushes and trees. The report being sent back informs others about the location of the camp being observed, the mission of the camp, and the types of work being done in each building. The report also notes the routes in and out of the camp and the types of security that can be seen.

The soldier in this example had a mission defined by the analysis conducted during the reconnaissance phase. This is true of the second phase of the penetration testing lifecycle. The tester will use information gained in phase 1 to start actually scanning the target's network and information system.
Using tools in this phase, the tester builds a better definition of the network and system infrastructure of the information system that will be targeted for exploitation. The information gained in this phase will be used in the exploitation phase.

Phase 3: Exploitation

Four soldiers rush through an open field. The moon is only a sliver and obscured by clouds; however, the soldiers see everything in an eerie green glow. They rush the building, slipping through a gap in the fence and then through an open back door. After just moments on the target they are on the way back out with vital information about future troop movements and plans for the coming months.

Again, this matches what the ethical hacker will do in the exploitation phase. The intent of this phase is to get into the target system and back out with information without being noticed, using system vulnerabilities and proven techniques.

Phase 4: Maintaining access

Based on drawings provided by the raid team, a group of skilled engineers excavate earth from deep in the tree line under the room that held the vital information taken earlier. The purpose of this tunnel is to provide easy access to the room for continued exploitation of the enemy. The same is true for the tester: once the system is exploited, backdoors and rootkits are left on the systems to allow access in the future.

Phase 5: Reporting

The raid team commander stands in front of a group of generals and admirals explaining the details of the raid. Each step is explained in great detail, expanding on each detail that allowed the exploitation to take place. The penetration tester too must develop detailed reports to explain each step in the hacking process, the vulnerabilities exploited, and the systems that were actually compromised. Additionally, in many cases one member of the team, and sometimes more, may be required to provide a detailed briefing to senior leadership and technical staff of the target information system.

Summary
The coming chapters will explain each of these phases in greater detail. Each chapter will provide information on the basics of the common tools used for each phase. Using the process detailed in the reader will understand the purpose and advantages of the phase being explained and the most common tools used in that phase.

About the author: James Broad (CISSP, C|EH, CPTS, Security+, MBA) is the President and owner of Cyber-Recon, LLC, where he and his team of consultants specialize in Information Security, Information Assurance, Certification and Accreditation and offer other security consultancy services to corporate and government clients. As a security professional with over 2. IT experience, James is an expert in many areas of IT security, specializing in security engineering, penetration testing, vulnerability analysis and research. He has provided security services in the nation's most critical sectors including defense, law enforcement, intelligence, finance and healthcare.