Auditing Network Security 3.pdf

  • About 21,700 characters
  • About 41 pages
  • Published 2017-12-07 in Zhejiang
Auditing Network Security
Review Methodologies
© 2005 Protiviti Inc. EOE

Assessment Methodologies
• Basic Network Review Phases
• OSSTMM (Open Source Security Testing Methodology Manual)
• Specific review components
  – Architecture
  – Firewalls
  – Routers/Switches
  – Modems
  – Wireless
  – Servers
  – Desktops
  – VPNs

Basic Network Review Phases
• Network Reconnaissance
  – Identify target networks
• System Service Identification
  – Identify live systems
  – Determine operating systems and services running
• Vulnerability Scanning
  – Use automated tools to identify vulnerabilities and collect data
• Vulnerability Research and Verification
  – Verify issues identified by automated scanning tools
  – Identify new potential vulnerabilities within identified services or applications
  – Gain or elevate access
• Reporting

Example External Network Review
Example – Consumer Products Client – Heavystock Inc.
• Heavystock = Keep the store shelves full
• External Penetration Review

Network Reconnaissance
• Gather public information
  – Registered domains
  – Registered networks
  – Search engines
  – Corporate filings
• Identify target network
[Diagram labels: Heavystock Inc.; SCANNING LAPTOP]
