The three previous articles in this series dealt with using Kali Linux to assess the security of information systems. We talked about the types of checks, the formalization of an assessment, and the types of attacks against which networks, computers and programs are tested for resistance. All of this is covered in chapter 11 of the book “Kali Linux Revealed”. Today we summarize that chapter and offer you a set of review questions on it.
11.5. Summary
In this chapter we briefly discussed the role of Kali in information security. We talked about the importance of working from a clean installation of the system and about using encryption to protect client data during a real engagement. We also raised the importance of properly documenting a security assessment in a legal agreement, which protects the interests of both the pentester and the client.
Recall the main points of this chapter.
The components of the CIA model (confidentiality, integrity, availability) are the properties that receive special attention in information security. Activities aimed at upholding the CIA principles are part of the standard processes of deploying, supporting and analyzing systems. Understanding these concepts will help you identify the vital components of a system and estimate the effort and resources that should be invested in fixing the problems found.
We considered several types of information system vulnerabilities, among them file inclusion, SQL injection, buffer overflow and race conditions.
The accuracy of vulnerability signatures is critical for getting the most out of automated vulnerability scanning. The more data about a system that can be collected, the higher the chance of getting adequate scan results. That is why authenticated (credentialed) scanning is popular.
Since automated tools use signature databases to identify vulnerabilities, any deviation from a known signature, however small, can change the result and, accordingly, the assessed severity of the detected vulnerability.
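The effect of signature accuracy and of collecting more data is easy to see in code. The following is an added illustration, not from the book or from any Kali tool, that compares a naive banner-based check with a credentialed check against a constructed signature table (hypothetical product, placeholder signature id):

```python
import re

# Constructed signature table: hypothetical product, version range and placeholder id (not a real CVE).
SIGNATURES = [
    {"id": "SIG-PLACEHOLDER-1", "product": "examplehttpd", "fixed_in": (2, 4, 50)},
]


def parse_banner(banner):
    """Parse a Server-style banner such as 'examplehttpd/2.4.49 (Unix)' into (product, version).
    Returns (product, None) when the version is hidden, as hardened servers often configure."""
    m = re.match(r"([A-Za-z0-9_-]+)(?:/(\d+)\.(\d+)\.(\d+))?", banner)
    if not m:
        return None, None
    product = m.group(1).lower()
    version = tuple(int(x) for x in m.group(2, 3, 4)) if m.group(2) else None
    return product, version


def banner_scan(banner):
    """Unauthenticated check: a signature matches only if a version is visible and below fixed_in."""
    product, version = parse_banner(banner)
    if version is None:
        return []  # nothing to compare against: a hidden version yields a silent miss
    return [s["id"] for s in SIGNATURES if s["product"] == product and version < s["fixed_in"]]


def authenticated_scan(installed):
    """Credentialed check using package metadata gathered on the host (e.g. from the package manager).
    'backported_fixes' lists signature ids the distribution patched without bumping the version."""
    product, version = installed["product"], installed["version"]
    return [s["id"] for s in SIGNATURES
            if s["product"] == product and version < s["fixed_in"]
            and s["id"] not in installed.get("backported_fixes", ())]


def compare(banner, installed):
    """Classify the banner scan against the credentialed result, treated here as ground truth."""
    remote, local = set(banner_scan(banner)), set(authenticated_scan(installed))
    return {"false_positive": sorted(remote - local),
            "false_negative": sorted(local - remote),
            "agree": sorted(remote & local)}
```

A backported fix behind an unchanged banner produces a false positive, while a hidden version produces the more dangerous false negative; only the credentialed data resolves both.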
We analyzed four types of information security assessment: vulnerability assessment, compliance assessment against security standards, traditional penetration testing and application assessment. Each type of assessment has its own set of tools, although many assessments use the same tools.
Vulnerability assessment is relatively simple compared to the other types of assessment. Often it is an automated collection of information about possible vulnerabilities in the target environment. In the relevant section we noted that a vulnerability is a defect in an information system that can be used to violate its confidentiality, integrity or availability. Since automated vulnerability scanning is based on signatures, this type of assessment relies on the accuracy of those signatures and can produce both false positive and false negative results. The main tools for such assessments can be found in the Vulnerability Analysis and Exploitation Tools sections of the Kali Linux application menu.
Compliance assessment is based on industry or government standards that the organization under assessment must meet, such as PCI DSS, DISA STIG and FISMA. These standards are in turn based on a set of regulatory requirements. A compliance assessment usually begins with a vulnerability assessment.
Traditional penetration testing is a thorough study of system security that is designed to improve the overall security level of an organization and is based on testing the resilience of systems to real threats. Such assessments include several phases (reflected in the structure of the Kali Linux application menu) and end with attempts to exploit vulnerabilities and gain access to the most protected computers and networks of the target environment.
Application assessment, usually conducted according to a white-box or black-box model, targets a specific application and involves specialized tools. These tools can be found in such sections of the Kali application menu as Web Application Analysis, Database Assessment, Reverse Engineering and Exploitation Tools.
We considered several types of attacks against which systems are tested during a security assessment:
- Denial of service attacks, which cause an application to fail and become unavailable.
- Memory attacks, which manipulate the memory of processes and often allow an attacker to run arbitrary code.
- Web attacks, aimed at web services and carried out using various techniques such as SQL injection and XSS.
- Password attacks, which often involve guessing a service's password from a predefined wordlist.
Test questions
- Explain the difference between a vulnerability and an exploit, and describe how they are related.
- Explain the difference between false positive and false negative results obtained when scanning a system for vulnerabilities. Which of these is more dangerous? Why?
- What is SQL injection?
- What is a buffer overflow?
- Describe a race condition.
- Describe file inclusion vulnerabilities.
Answers to the questions
- From the point of view of information security, a vulnerability is a weak point in an information system that can be used to violate its confidentiality, integrity or availability. An exploit is a program specifically designed to take advantage of a vulnerability.
- A false positive result occurs when a vulnerability scan reports a problem that does not actually exist. A false negative result occurs when the scan fails to find a vulnerability that is present in the system. False negative results are more dangerous because they mean the system contains vulnerabilities that went undetected.
- SQL injection is a type of vulnerability that occurs when a web application does not sanitize user-supplied data, which makes it possible to manipulate the application's database.
- A buffer overflow is a vulnerability caused by errors in software development. It allows the user to modify areas of memory that lie outside the area designated for a specific purpose.
- A race condition is a vulnerability that occurs when a user, by precisely timing their interaction with a system, can change the sequence of events inside it, which results in the vulnerability.
- File inclusion vulnerabilities occur when a web application writes user input into files or allows the user to upload files to the server.
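To make the SQL injection answer concrete, here is an added example (not from the book) of a lookup that concatenates user input into the query text, alongside the parameterized version that hands the same input to the driver as plain data; the table and its rows are constructed:

```python
import sqlite3


def make_db():
    """Constructed in-memory table with two sample users (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "alice@example.test"), ("bob", "bob@example.test")])
    return conn


def lookup_vulnerable(conn, name):
    """Unsanitized input: the value is spliced into the SQL text, so a quote character in it
    terminates the string literal and the remainder is parsed as SQL."""
    query = "SELECT name, email FROM users WHERE name = '" + name + "'"
    return conn.execute(query).fetchall()


def lookup_parameterized(conn, name):
    """Fixed: the statement is compiled with a placeholder and the value is bound separately,
    so the input can only ever be compared as a string, never interpreted as SQL."""
    return conn.execute("SELECT name, email FROM users WHERE name = ?", (name,)).fetchall()


def demo():
    """Runs both lookups on an ordinary name and on input containing a quote; returns row counts."""
    conn = make_db()
    ordinary, crafted = "alice", "x' OR 'a'='a"
    return {
        "vulnerable": (len(lookup_vulnerable(conn, ordinary)), len(lookup_vulnerable(conn, crafted))),
        "parameterized": (len(lookup_parameterized(conn, ordinary)), len(lookup_parameterized(conn, crafted))),
    }
```

The vulnerable lookup returns every row for the quoted input because the WHERE clause has been rewritten, while the parameterized lookup returns nothing, since no user is literally named that.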
Conclusion
This concludes the translation of the eleventh chapter of the book “Kali Linux Revealed”. We hope these materials will help you analyze and protect networks and computers.
Dear readers! What types of vulnerabilities do you consider most dangerous for your information systems and why?