CFR 4.0


1. Assessing Information Security Risk
Tuesday, May 16, 2017 4:58 PM

1. Use the SANS security policy templates
- Go to https://www.sans.org/security-resources/policies
2. Analyzing the Threat Landscape
Tuesday, May 16, 2017 8:13 PM

3. Analyzing Reconnaissance Threats to Computing and Network Environments
Tuesday, May 16, 2017 8:14 PM

1. Implement Threat Modeling

2. Assess the Impact of Reconnaissance Incidents


1. The recon-ng tool
- Start the tool:
root@pentest:~# recon-ng
- Create a workspace
- Module information: https://bitbucket.org/LaNMaSteR53/recon-ng/wiki/Usage%20Guide#!acquiring-api-keys
- Register for a Google API key:
- Log in to a Google account
- Go to https://console.developers.google.com/apis/dashboard
- Create a Google project
- Enable the Custom Search API
- Create an API key
- The API keys to add (these are the values left in the original notes; API keys are credentials and do not belong in shared notes):
google_api | AIzaSyCh_p5xSrrTttmwSAqzVn3Dd2tB8Q-nUuw
google_cse | !001280586187183383443:vcqkedkugeo
bing_api | c9Dr4R5WM12zRTWv5/SnrO2IIcCTAxkvCG9fxKuteVA
- Add the API keys in recon-ng
- Display the API keys that were added
- List the modules recon-ng supports
- Add the target domain
- View the structure of the database recon-ng stores
- Show the list of collected subdomains
- Connect to the search engines through their APIs
- Use a module
- Brute-force subdomains
- Filter the results if there are false positives (a wildcard DNS record makes every guessed name resolve)
- Resolve the names to IP addresses
- Run GeoIP lookups
- Export the results from recon-ng
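The brute-force and false-positive steps above are the ones worth automating with care: a domain with a wildcard A record answers every guessed label, so a raw wordlist run "finds" hundreds of hosts that do not exist. The following is an added example, not code from the notes or from recon-ng. It replaces real DNS with a constructed zone (hypothetical names under example.test and RFC 5737 addresses) so it runs offline; the wildcard check works the same way against a real resolver.

```python
import secrets
from typing import Callable, Dict, List, Optional, Set, Tuple

Resolver = Callable[[str], Optional[str]]

# Constructed zone used in place of real DNS so this runs offline.
# The wildcard record is the false-positive trap: every unknown label "resolves".
# Names and addresses are hypothetical (RFC 5737 documentation range).
FAKE_ZONE: Dict[str, str] = {
    "www.example.test": "203.0.113.10",
    "mail.example.test": "203.0.113.20",
    "vpn.example.test": "203.0.113.30",
    "*.example.test": "203.0.113.99",  # wildcard catch-all
}


def make_resolver(zone: Dict[str, str]) -> Resolver:
    """Stand-in for an A lookup: exact record first, then the parent's wildcard, else NXDOMAIN (None)."""
    def resolve(name: str) -> Optional[str]:
        if name in zone:
            return zone[name]
        if "." not in name:
            return None
        parent = name.split(".", 1)[1]
        return zone.get("*." + parent)
    return resolve


def wildcard_addresses(domain: str, resolve: Resolver, probes: int = 3) -> Set[str]:
    """Resolve a few random labels nobody would register; any answer is wildcard noise."""
    noise: Set[str] = set()
    for _ in range(probes):
        label = secrets.token_hex(8)  # 16 random hex chars, never in a wordlist
        ip = resolve(f"{label}.{domain}")
        if ip:
            noise.add(ip)
    return noise


def brute_force(domain: str, wordlist: List[str], resolve: Resolver) -> Tuple[Dict[str, str], Dict[str, str]]:
    """Try each word as a subdomain. Returns (confirmed, suspect): a name whose address
    equals a wildcard answer is suspect, not proof that the host exists."""
    noise = wildcard_addresses(domain, resolve)
    confirmed: Dict[str, str] = {}
    suspect: Dict[str, str] = {}
    for word in wordlist:
        name = f"{word}.{domain}"
        ip = resolve(name)
        if ip is None:
            continue  # NXDOMAIN: nothing to record
        (suspect if ip in noise else confirmed)[name] = ip
    return confirmed, suspect


if __name__ == "__main__":
    resolver = make_resolver(FAKE_ZONE)
    found, noisy = brute_force("example.test", ["www", "mail", "vpn", "admin", "dev"], resolver)
    print("confirmed:", found)
    print("suspect (wildcard):", noisy)
```

A real host that genuinely sits on the wildcard address is flagged as suspect too; confirm those through a second signal (a distinct CNAME, TLS certificate or HTTP response) rather than dropping them.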
2. Collect the target's IP address ranges
- Work through the ip-ranges lookup
3. DNS queries
4. Online tools
- Domain, IP, DNS and GeoIP:
- Use https://www.robtex.com/ (*)
- Use http://centralops.net/co/ (*)
- Use https://www.maxmind.com/en/home
- Use https://maps.google.com
- Use http://who.is
- Use http://www.findip-address.com
- Use http://www.domaintools.com
- Use https://dnsdumpster.com/ (*)
- Cached and historical copies of web pages:
- Use https://archive.org/
- Use Google Cache: http://webcache.googleusercontent.com/search?q=cache:[domain|link] (Google has since retired its cache view, so archive.org is the remaining option)
- OS, services and versions:
- Use http://netcraft.com
- Use http://www.shodanhq.com/ (now https://www.shodan.io/)

5. Check which web technologies are in use
- Spoof the User-Agent (Firefox UA strings: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent/Firefox); a WAF may answer a scanner or default-library User-Agent differently from a browser, so compare responses under both
- Identify the WAF
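The two steps above, spoofing the User-Agent and identifying the WAF, fit in one script. This is an added example, not code from the notes or from any of the tools they list. It builds a urllib request with a browser User-Agent (the Firefox UA format documented on MDN; the version numbers are illustrative) and fingerprints a WAF from response headers using a small hand-assembled signature table; the sample response is constructed so the script runs offline.

```python
import urllib.request
from typing import Dict, List, Optional, Tuple

# Firefox-style UA per the MDN format; version numbers here are illustrative.
FIREFOX_UA = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"


def spoofed_request(url: str, user_agent: str = FIREFOX_UA) -> urllib.request.Request:
    """Build (not send) a request whose User-Agent is overridden. urllib's default
    'Python-urllib/x.y' is an easy tell for defenders and some WAFs block it outright."""
    return urllib.request.Request(url, headers={"User-Agent": user_agent})


# Hand-assembled signature table: (header name, substring the value must contain or None, product).
# These are well-known response-header tells; absence proves nothing, since a WAF can be
# configured to strip them, and the table is deliberately short.
WAF_SIGNATURES: List[Tuple[str, Optional[str], str]] = [
    ("server", "cloudflare", "Cloudflare"),
    ("cf-ray", None, "Cloudflare"),
    ("x-sucuri-id", None, "Sucuri"),
    ("x-iinfo", None, "Imperva Incapsula"),
    ("server", "akamaighost", "Akamai"),
]


def parse_response_headers(raw: str) -> Dict[str, str]:
    """Split a raw HTTP response head (status line followed by headers) into a dict."""
    headers: Dict[str, str] = {}
    lines = raw.replace("\r\n", "\n").split("\n")
    for line in lines[1:]:  # skip the status line
        if not line:
            break  # blank line ends the head
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    return headers


def identify_waf(headers: Dict[str, str]) -> Optional[str]:
    """Return the first product whose signature matches, or None if nothing is recognised."""
    lowered = {k.lower(): v for k, v in headers.items()}
    for name, needle, product in WAF_SIGNATURES:
        value = lowered.get(name)
        if value is None:
            continue
        if needle is None or needle in value.lower():
            return product
    return None


# Constructed sample response (not captured from any real site).
SAMPLE_CLOUDFLARE = (
    "HTTP/1.1 403 Forbidden\r\n"
    "Server: cloudflare\r\n"
    "CF-RAY: 0123456789abcdef-SIN\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<html>blocked</html>"
)

if __name__ == "__main__":
    req = spoofed_request("http://example.test/")
    print("sending UA:", req.get_header("User-agent"))
    print("WAF guess:", identify_waf(parse_response_headers(SAMPLE_CLOUDFLARE)))
```

To use it live, pass the request to urllib.request.urlopen and feed dict(response.headers) to identify_waf; repeat with the default User-Agent and diff the two responses, since a 403 that appears only for the library UA is itself a WAF indicator.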


II. Network Analysis
1. The Wireshark tool
- Customize the columns: add SrcPort and DstPort
- Display filters can be written in three ways:
+ Filter on a whole protocol, by layer of the TCP/IP model:
e.g. Application layer: ftp, http, ssh...
e.g. Transport layer: tcp, udp
...
+ Filter on a layer's fields:
e.g. Application-layer fields: http.request.method=="GET", ftp.request.command=="PWD"
e.g. IP or TCP fields: ip.src==8.8.8.8, tcp.port==80
+ Combine filters:
e.g. ip.src==10.10.10.10 and ftp; http || dns
- Use byte slicing, e.g. http[0:3]=="GET"
- Apply comparison operators to protocol fields, strings, logical expressions and set membership, e.g. tcp.port in {80,21}
- Add Filter buttons to the Wireshark toolbar to apply frequently used filters quickly
- Use a Capture Filter to limit what is captured in the first place (capture filters use BPF syntax, e.g. port 80, not display-filter syntax, and packets they exclude are gone for good)
- Use coloring rules to highlight packets.
Note that coloring rules are matched in priority order: the first rule a packet matches is applied and the remaining rules are skipped. So when adding colors, put the more specific rules above the general ones.
- Example of coloring-rule order, marking and priority
- Use Mark/Unmark Packet to highlight packets quickly, as above, without having to set up a rule
- Set up Name Resolution:
- Resolve MAC addresses
- Resolve IP addresses
- Start the netcat service
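The first-match rule for coloring rules is easy to state and easy to get wrong in practice: a broad rule (say, everything TCP) placed above a specific one (HTTP GET requests) silently hides the specific colour. The following added example, which is not from the notes or from Wireshark, models that evaluation order over a few constructed packets and includes a check that reports rules shadowed by the ones above them; the predicates stand in for the display-filter terms tcp, dns and http.request.method.

```python
from typing import Callable, Dict, List, Optional, Tuple

Packet = Dict[str, object]
Rule = Tuple[str, Callable[[Packet], bool]]  # (rule name / colour, match predicate)


def colorize(packets: List[Packet], rules: List[Rule]) -> List[Optional[str]]:
    """Apply coloring rules the way Wireshark does: top to bottom, first match wins,
    the remaining rules are never consulted for that packet."""
    labels: List[Optional[str]] = []
    for pkt in packets:
        label = None
        for name, match in rules:
            if match(pkt):
                label = name
                break  # later rules are skipped for this packet
        labels.append(label)
    return labels


def shadowed_rules(packets: List[Packet], rules: List[Rule]) -> List[str]:
    """Rules that match some packet in the sample but are never applied, because a
    rule above them already claimed every such packet."""
    applied = set(colorize(packets, rules))
    return [name for name, match in rules
            if name not in applied and any(match(p) for p in packets)]


# Constructed sample packets (not a real capture); the fields mirror the
# display-filter terms tcp, udp/dns and http.request.method.
PACKETS: List[Packet] = [
    {"proto": "tcp", "dport": 80, "http_method": "GET"},
    {"proto": "tcp", "dport": 22},
    {"proto": "udp", "dport": 53},
    {"proto": "tcp", "dport": 80, "http_method": "POST"},
]


def is_http_get(p: Packet) -> bool:   # http.request.method == "GET"
    return p.get("http_method") == "GET"


def is_tcp(p: Packet) -> bool:        # tcp
    return p["proto"] == "tcp"


def is_dns(p: Packet) -> bool:        # dns
    return p["proto"] == "udp" and p["dport"] == 53


# Broad rule on top: every TCP packet turns grey and the red GET rule never fires.
BROAD_FIRST: List[Rule] = [("tcp (grey)", is_tcp), ("http GET (red)", is_http_get), ("dns (blue)", is_dns)]
# Specific rule on top: the GET is red, the other TCP packets grey, DNS blue.
SPECIFIC_FIRST: List[Rule] = [("http GET (red)", is_http_get), ("tcp (grey)", is_tcp), ("dns (blue)", is_dns)]

if __name__ == "__main__":
    for title, ruleset in (("broad first", BROAD_FIRST), ("specific first", SPECIFIC_FIRST)):
        print(title, colorize(PACKETS, ruleset), "shadowed:", shadowed_rules(PACKETS, ruleset))
```

Wireshark itself gives no warning when a rule is shadowed; running a shadow check like this over a representative capture before committing a colour profile is the practical safeguard.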
2.3 Network forensics practice
Practice: analyze Reconnaissance.pcapng
Select Statistics --> Conversations and sort by Packets.
The port number on side B changes constantly and each conversation carries only 1 packet: a single SYN that was never answered (dropped or filtered). Select the conversations with 3 packets and Follow TCP Stream; you will see the connection being torn down (SYN, SYN/ACK, RST) for open ports, while closed ports show 2 packets (SYN answered by RST/ACK).
Use the Flow Graph
- Follow the exchange between the client and the various IP addresses
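What the Conversations table and Follow TCP Stream reveal by hand (1 packet = unanswered SYN, 2 = closed, 3 = open and torn down, 4 or more = a completed connect) can be scripted. The following is an added example, not code from the notes or from Wireshark or Nmap: it groups a constructed packet list (hypothetical RFC 1918 hosts, not a real capture) into conversations, classifies each probed port the way the analysis above does, and counts distinct SYN probes per source as the port-scan tell. It also covers the closed-port and firewalled cases of the -sS scan analysed in the Nmap section below.

```python
from collections import defaultdict
from typing import Dict, FrozenSet, List, Set, Tuple

# One constructed packet = (src, sport, dst, dport, tcp_flags). Not a real capture;
# the addresses are hypothetical RFC 1918 hosts.
Packet = Tuple[str, int, str, int, FrozenSet[str]]
SCANNER, TARGET = "10.10.10.5", "10.10.10.20"


def pkt(src: str, sport: int, dst: str, dport: int, *flags: str) -> Packet:
    return (src, sport, dst, dport, frozenset(flags))


PACKETS: List[Packet] = [
    # 22/tcp open, SYN scan (-sS): SYN, SYN/ACK, then the scanner aborts with RST -> 3 packets
    pkt(SCANNER, 40001, TARGET, 22, "SYN"),
    pkt(TARGET, 22, SCANNER, 40001, "SYN", "ACK"),
    pkt(SCANNER, 40001, TARGET, 22, "RST"),
    # 23/tcp closed: SYN answered by RST/ACK -> 2 packets
    pkt(SCANNER, 40002, TARGET, 23, "SYN"),
    pkt(TARGET, 23, SCANNER, 40002, "RST", "ACK"),
    # 445/tcp filtered (host firewall drops the probe): SYN plus one retransmit, no reply
    pkt(SCANNER, 40003, TARGET, 445, "SYN"),
    pkt(SCANNER, 40003, TARGET, 445, "SYN"),
    # 80/tcp open, connect scan (-sT): full handshake completes, then RST/ACK -> 4 packets
    pkt(SCANNER, 40004, TARGET, 80, "SYN"),
    pkt(TARGET, 80, SCANNER, 40004, "SYN", "ACK"),
    pkt(SCANNER, 40004, TARGET, 80, "ACK"),
    pkt(SCANNER, 40004, TARGET, 80, "RST", "ACK"),
]


def conversations(packets: List[Packet]) -> List[List[Packet]]:
    """Group packets into TCP conversations (both directions together), like Statistics -> Conversations."""
    convs: Dict[FrozenSet[Tuple[str, int]], List[Packet]] = {}
    for p in packets:
        src, sport, dst, dport, _ = p
        convs.setdefault(frozenset({(src, sport), (dst, dport)}), []).append(p)
    return list(convs.values())


def classify(conv: List[Packet]) -> Tuple[int, str, int]:
    """Read one conversation the way the analyst does in Follow TCP Stream.
    Returns (target port, verdict, packet count)."""
    initiator, _, target, dport, _ = conv[0]  # the first packet is the probe (bare SYN)
    replies = [flags for src, _, _, _, flags in conv if src == target]
    if not replies:
        verdict = "filtered"  # SYN (and retransmits) unanswered: dropped by a firewall
    elif {"RST", "ACK"} <= replies[0]:
        verdict = "closed"  # the target refused immediately
    elif {"SYN", "ACK"} <= replies[0]:
        # Port is open. A bare ACK from the initiator means the handshake completed (-sT);
        # otherwise the scanner tore the half-open connection down with RST (-sS).
        completed = any(src == initiator and flags == {"ACK"} for src, _, _, _, flags in conv)
        verdict = "open (connect)" if completed else "open (half-open SYN scan)"
    else:
        verdict = "unknown"
    return dport, verdict, len(conv)


def scan_summary(packets: List[Packet]) -> Dict[int, Tuple[str, int]]:
    """Port -> (verdict, packets in the conversation); the packet count is the column the notes sort on."""
    return {dport: (verdict, n) for dport, verdict, n in map(classify, conversations(packets))}


def syn_probe_counts(packets: List[Packet]) -> Dict[str, int]:
    """Distinct (host, port) pairs each source probed with a bare SYN; many from one source is the scan tell."""
    probed: Dict[str, Set[Tuple[str, int]]] = defaultdict(set)
    for src, _, dst, dport, flags in packets:
        if flags == {"SYN"}:
            probed[src].add((dst, dport))
    return {src: len(targets) for src, targets in probed.items()}


if __name__ == "__main__":
    for port, (verdict, n) in sorted(scan_summary(PACKETS).items()):
        print(f"{port}/tcp: {verdict} ({n} packets)")
    print("SYN probes per source:", syn_probe_counts(PACKETS))
```

On a real capture, export the packets with tshark (fields ip.src, tcp.srcport, ip.dst, tcp.dstport, tcp.flags) and feed them through the same functions; the retransmitted-SYN case is why the "1 packet" rule of thumb should be read as "no reply" rather than exactly one.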
The Nmap tool
- Determine whether hosts are up or down with the -sP option (now called -sn; -sP is the older name)
- Observe the Ping Scan with tcpdump
- Save the Ping Scan capture with tcpdump (-w)
- Read the capture back with tcpdump (-r)
- Ping Scan a LAN IP address
- Observe the services' open ports with TCPView
- Port Scan
- Analyze the -sS (SYN) scan:
- Case: closed port (SYN answered by RST/ACK)
- Case: a firewall is present (SYN dropped, no reply)
- Configure firewall logging
- Check the firewall log
- Full connect scan with -sT
- Check service versions and the operating system (-sV -sC -O; -O and -sS need raw sockets, so run as root)
- Scan with Nmap scripts (--script=<script name>)
- Download the Nmap script: wget https://raw.githubusercontent.com/cldrn/nmap-nse-scripts/master/scripts/smb-vuln-ms17-010.nse (MS17-010 is the SMBv1 flaw exploited by the WannaCry malware; current Nmap releases ship this script as smb-vuln-ms17-010, so the download is only needed on older installs)
- Check for the MS17-010 vulnerability with Nmap
- Ping Scan the network
- Port scan on 445
