Computer Sciences and Information Technology
Scenario:
You have just completed your reconnaissance plan describing how you would gather information on Haverbrook Investment Group. Now you will continue your Penetration Test Proposal by submitting your plans for scanning the target systems.
In this phase, you know you have to execute more specific scanning methodologies to identify targets of opportunity and vulnerabilities to be exploited.
As a pen tester, you are going to continue to scan for vulnerabilities, test for open ports, and check for live systems. You know a few ways to do this, including performing IP sweeps, which might include protocols such as ICMP, UDP, and TCP, or using techniques such as banner grabbing or OS fingerprinting.
Ultimately, you know that to exploit Haverbrook’s systems, you need a structured and ordered approach.
Work:
Outline and discuss specific use cases to discover and enumerate information that could be used for potential exploitation. Some examples of information that you are gathering from Haverbrook Investment Group’s systems are usernames, machine names, shares, and services from a system. Identify any software, applications, or scripts that will be needed and provide a description of how this software will be used to gather information about Haverbrook’s systems.
As you are developing the Scanning Plan, keep these questions in mind:
How would you detect active systems?
How would you determine the best attack vector you wish to exploit?
How would you prioritize different targets of opportunity?
What tools would you be using for scanning and enumeration of systems and vulnerabilities?
Be sure to identify any needed software and provide a description of how it will be used to gather information about the systems.
Penetration Test Proposal
Deliverable 2: Reconnaissance Plan and Scanning Plan
Reconnaissance Plan
Overview
Penetration tests are conducted by organizations as a security exercise to identify and exploit vulnerabilities in a computer and network system. They are also referred to as ethical hacking, and they can be performed manually or automated by tooling integrated with the systems under test. The reconnaissance phase is the first step in the penetration test. In this stage, the pen tester will visit Haverbrook Investment Group's systems to conduct information gathering. This entails doing in-depth research on the company on location. Through this, the pen tester will determine the organizational structure, the business model the company uses, and other important information about the company, such as its telephone numbers and emails, among other publicly accessible information that could be used to launch an attack.
Reconnaissance Methods
These are the methods used to collect information about the Haverbrook Investment Group systems. There are two key reconnaissance methods: passive and active reconnaissance. Active reconnaissance entails compromising a system to gain information, whereas passive reconnaissance involves collecting information without necessarily compromising systems. To achieve maximum results, the company's penetration test will use both methods to gather information that could be used to penetrate its networks and systems. The main active technique is port scanning, whereas passive techniques include war driving, dumpster diving, WHOIS, and Nessus. These techniques are used in the penetration test to collect information about the Haverbrook Group's network and identify potential vulnerabilities and associated risks.
Scanning Plan
Overview
After reconnaissance, the scanning phase follows. In this phase, the attacker collects in-depth and detailed information about Haverbrook Investment Group, such as usernames, passwords, and the software and operating systems used. After identifying all of these, the hacker can further research the vulnerabilities of these systems while devising a viable method to launch attacks (Kaur, 2017).
Tactics, Techniques, and Procedures
In terms of techniques and procedures, the attacker uses the information obtained by surveying the systems and scanning them for vulnerabilities. Additionally, the pen tester uses the passive and active techniques from the reconnaissance stage to carry out the penetration test. One group of reconnaissance methods is the passive techniques. Firstly, dumpster diving entails searching through the company's discarded hardware and software to identify any information that could be used to attack the company's systems. Secondly, war driving, whereby the attacker, in this case the pen tester, searches for vulnerable access points by driving around the company's premises (Wang, 2018).
Another avenue of attack is gaining employee information. For this, the attacker can use WHOIS, a software command used on Windows to gain information about employees within the company, for instance their emails, addresses, telephone numbers, and names. Moreover, the pen tester can use port scanning, whereby the attacker scans the company's network to identify any open ports that could be exploited in an attempt to enter the company's network by using an intrusion detection system (Kaur, 2017). Through this technique the pen tester will identify access points, gather employees' information, and collect specific details about the hardware and software, such as the type of software used, the devices connected to the computers, and how frequently employees access the computers.
This will be followed by an attempt to infiltrate the systems. This is done when the devices are not in use, to avoid detection. One of the tools used is Nessus, which will scan the company's network to determine which ports are open. Additionally, the pen tester will use Kali Linux to scan the system and identify open ports; the open ports will then undergo the enumeration process, whereby the attacker tries to extract information from these access points in order to infiltrate the system. In penetration tests, one of the most reliable tools is Enum Linux, which does thorough scanning and enumeration to identify vulnerable points in the company's systems. From there, all the detected vulnerabilities are eliminated and loopholes are sealed (Najera-Gutierrez, 2018).
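The scanning techniques described in the scenario (IP sweeps over ICMP/TCP, checking for live systems) and in the Scanning Plan above (port scanning with Nessus and Kali Linux, followed by enumeration) leave a characteristic footprint in the target's firewall logs, and that footprint is what Haverbrook's defenders would use to notice the test and what the proposal should account for when it says scans run at quiet times to avoid detection. The following Python is an added example written for this page; it is not part of the proposal and not code from Nessus, Kali Linux, or any other tool named here. It assumes a simplified iptables-style log line format (`<epoch> <proto> <src> -> <dst>[:<port>] <action>`) and uses constructed sample lines. It flags a vertical port scan (one source, many ports on one host), a horizontal sweep (one source, one port across many hosts), and an ICMP echo sweep, and it also shows the edge case that a scan spread over hours stays below a 60-second detection window.

```python
"""Detect host sweeps and port scans in simplified firewall logs.

Added example, not part of the original proposal. The log format is an
assumption for this example:
    <epoch_seconds> <proto> <src_ip> -> <dst_ip>[:<dst_port>] <ACCEPT|DROP>
"""
import re
from collections import defaultdict

LINE_RE = re.compile(
    r"^(?P<ts>\d+) (?P<proto>TCP|UDP|ICMP) (?P<src>[\d.]+) -> "
    r"(?P<dst>[\d.]+)(?::(?P<port>\d+))? (?P<action>ACCEPT|DROP)$"
)

# Constructed sample log lines (RFC 5737 documentation addresses, not real traffic).
SAMPLE_LOGS = """\
1700000000 TCP 203.0.113.7 -> 192.0.2.10:21 DROP
1700000001 TCP 203.0.113.7 -> 192.0.2.10:22 DROP
1700000002 TCP 203.0.113.7 -> 192.0.2.10:23 DROP
1700000003 TCP 203.0.113.7 -> 192.0.2.10:25 DROP
1700000004 TCP 203.0.113.7 -> 192.0.2.10:53 DROP
1700000005 TCP 203.0.113.7 -> 192.0.2.10:80 ACCEPT
1700000006 TCP 203.0.113.7 -> 192.0.2.10:110 DROP
1700000007 TCP 203.0.113.7 -> 192.0.2.10:139 DROP
1700000008 TCP 203.0.113.7 -> 192.0.2.10:443 ACCEPT
1700000009 TCP 203.0.113.7 -> 192.0.2.10:445 DROP
1700000010 ICMP 203.0.113.9 -> 192.0.2.1 ACCEPT
1700000011 ICMP 203.0.113.9 -> 192.0.2.2 ACCEPT
1700000012 ICMP 203.0.113.9 -> 192.0.2.3 ACCEPT
1700000013 ICMP 203.0.113.9 -> 192.0.2.4 ACCEPT
1700000014 ICMP 203.0.113.9 -> 192.0.2.5 ACCEPT
1700000020 TCP 198.51.100.4 -> 192.0.2.20:445 DROP
1700000021 TCP 198.51.100.4 -> 192.0.2.21:445 DROP
1700000022 TCP 198.51.100.4 -> 192.0.2.22:445 DROP
1700000023 TCP 198.51.100.4 -> 192.0.2.23:445 DROP
1700000024 TCP 198.51.100.4 -> 192.0.2.24:445 DROP
1700000030 TCP 198.51.100.50 -> 192.0.2.10:443 ACCEPT
1700000031 TCP 198.51.100.50 -> 192.0.2.10:443 ACCEPT
1700000040 TCP 203.0.113.11 -> 192.0.2.10:22 DROP
1700003640 TCP 203.0.113.11 -> 192.0.2.10:80 DROP
1700007240 TCP 203.0.113.11 -> 192.0.2.10:443 DROP
"""


def parse_line(line):
    """Parse one log line into a dict, or return None for lines that do not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {
        "ts": int(m["ts"]),
        "proto": m["proto"],
        "src": m["src"],
        "dst": m["dst"],
        "port": int(m["port"]) if m["port"] else None,
    }


def detect_scans(lines, window=60, port_threshold=10, host_threshold=5):
    """Return findings for port scans, host sweeps and ICMP sweeps.

    A sliding window of `window` seconds is moved over each source's events;
    within a window, `port_threshold` distinct ports on one host is a port scan,
    `host_threshold` distinct hosts on one proto/port is a host sweep, and
    `host_threshold` distinct ICMP destinations is an ICMP sweep.
    """
    events = [e for e in map(parse_line, lines) if e is not None]
    events.sort(key=lambda e: e["ts"])
    by_src = defaultdict(list)
    for e in events:
        by_src[e["src"]].append(e)

    findings = {}  # (kind, src, target) -> largest count seen in any window

    def record(kind, src, target, count, threshold):
        if count >= threshold:
            key = (kind, src, target)
            findings[key] = max(findings.get(key, 0), count)

    for src, evs in by_src.items():
        start = 0
        for end in range(len(evs)):
            # Advance start so evs[start:end+1] spans at most `window` seconds.
            while evs[end]["ts"] - evs[start]["ts"] > window:
                start += 1
            ports_per_host = defaultdict(set)
            hosts_per_port = defaultdict(set)
            icmp_hosts = set()
            for e in evs[start:end + 1]:
                if e["proto"] == "ICMP":
                    icmp_hosts.add(e["dst"])
                else:
                    ports_per_host[e["dst"]].add(e["port"])
                    hosts_per_port[(e["proto"], e["port"])].add(e["dst"])
            for dst, ports in ports_per_host.items():
                record("port_scan", src, dst, len(ports), port_threshold)
            for (proto, port), hosts in hosts_per_port.items():
                record("host_sweep", src, f"{proto}/{port}", len(hosts), host_threshold)
            record("icmp_sweep", src, "*", len(icmp_hosts), host_threshold)

    return sorted(
        ({"kind": k, "src": s, "target": t, "count": c} for (k, s, t), c in findings.items()),
        key=lambda f: (f["src"], f["kind"]),
    )


if __name__ == "__main__":
    for f in detect_scans(SAMPLE_LOGS.splitlines()):
        print(f"{f['kind']:<10} from {f['src']:<14} target {f['target']:<12} count {f['count']}")
```

Running the block on the constructed lines reports three findings (a 10-port scan from 203.0.113.7, an ICMP sweep of 5 hosts from 203.0.113.9, and a TCP/445 sweep of 5 hosts from 198.51.100.4) and nothing for the repeat HTTPS client or for 203.0.113.11, whose three probes are an hour apart; that last case is why a detection design also needs longer windows or per-source counters that are not reset every minute.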
References
Kaur, G., & Kaur, N. (2017). Penetration Testing–Reconnaissance with NMAP Tool. International Journal of Advanced Research in Computer Science, 8(3).
Najera-Gutierrez, G., & Ansari, J. A. (2018). Web Penetration Testing with Kali Linux: Explore the methods and tools of ethical hacking with Kali Linux. Packt Publishing Ltd.
Wang, L. (2018, May). Design and Research on the Test of Internal Network Penetration Test. In 2018 International Conference on Network, Communication, Computer Engineering (NCCE 2018). Atlantis Press.