SANS 560 Notes
560.1 SANS 560: Network Penetration and Ethical Hacking
Definitions
- Threat: Agent that can cause harm
- Vulnerability: A flaw that can be exploited
- Risk: Overlap of vulnerability and threat
- Exploit: Code/technique used by a threat on a vulnerability
- Active attack: Manipulates target
- Passive attack: Does not manipulate target
- Ethical hacking: Using attack techniques to find flaws with permission, to improve security (aka white hat hacker)
- Penetration testing: An attempt to gain entry to a network
- Security Assessments/Vulnerability Assessment: Finding vulnerabilities
- Security Audit: Comparing findings against a set of standards
- Phases of an attack:
  - Recon
  - Scanning
  - Exploitation
- Pentesting limitations:
  - Scope
  - Time
  - Methods
- Pentester limitations:
  - Scope
  - Time
  - Methods
Public/Free methodologies
- Open Source Security Testing Methodology Manual [1]
  - Focus on transparency, business value
  - Broad descriptions of categories
  - Numerous templates
- NIST [2]
  - Processes
  - Roles
  - Tools
  - High-level
- OWASP [3]
  - Web app testing
  - Compares impact: likelihood
- Penetration Testing Framework [4]
  - Network penetration tests
  - Specific tools, commands
  - Step-by-step
  - Recon
  - Social engineering
  - Scanning/probing
  - Enumeration