Comp 8130 Presentation - Australian National University


Comp 8130 Presentation
Security Testing
Group Members:
U4266680 Hui Chen
U4242754 Ming Chen
U4266538 Xiaobin Wang
System security is critical
A security loophole is bad; it can:
Affect the performance of the system (availability, reliability).
Disclose confidential information.
Cause financial loss.
Blemish your business reputation.
So we had better detect potential security problems beforehand.
Security Testing
The process of determining that an IS (Information System) protects data and maintains functionality as intended.
Common Methodologies:
1. Penetration Test
2. Vulnerability Test
Penetration Test
A method of evaluating the security of a computer system or network by simulating an attack by a malicious user, known as a hacker.
Vulnerability Test
The systematic examination of systems in order to determine the adequacy of security measures, identify security deficiencies and provide data from which to predict the effectiveness of proposed security measures.
Penetration Test I
It is active.
It is from the attacker's angle.
It aims to:
1. Categorize potential security problems
2. Determine the feasibility of an attack
3. Determine the impact of a potential attack
Penetration Test II
Black, white and gray box tests
Port scanning and service probing
Port scanning is a technique for discovering open ports, which can then be used to discover services that can be broken into.
Example: the Shock-wave virus, which attacked 80% of the computers in the world, gained access to systems using ports 135, 444 and 69 and then used a bug in the Windows RPC service to affect the system.
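An added example, not part of the original slides: a defender's check of which audited ports on a host you administer accept TCP connections, compared against an allowlist of services that are meant to be running. The function names, the allowlist and the treatment of all three slide ports as TCP are assumptions of this example.

```python
import socket

# Ports named on the slide; treating all three as TCP is an assumption here.
SLIDE_PORTS = (135, 444, 69)


def is_listening(host, port, timeout=0.5):
    """Return True if a TCP connect to host:port is accepted by a service."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        return s.connect_ex((host, port)) == 0


def audit_exposure(host, ports, allowed):
    """Label each port 'closed', 'expected' (open and allowlisted) or 'unexpected'."""
    report = {}
    for port in ports:
        if not is_listening(host, port):
            report[port] = "closed"
        elif port in allowed:
            report[port] = "expected"
        else:
            report[port] = "unexpected"
    return report


def demo():
    """Constructed offline demo: audit a throwaway listener on 127.0.0.1."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))          # port 0 lets the OS pick a free port
    srv.listen(5)
    port = srv.getsockname()[1]
    try:
        flagged = audit_exposure("127.0.0.1", [port], allowed=set())[port]
        accepted = audit_exposure("127.0.0.1", [port], allowed={port})[port]
    finally:
        srv.close()
    # Once the listener is gone, the same port is reported as closed.
    after = audit_exposure("127.0.0.1", [port], allowed={port})[port]
    return flagged, accepted, after


if __name__ == "__main__":
    print(audit_exposure("127.0.0.1", SLIDE_PORTS, allowed=set()))
    print(demo())
```

An "unexpected" result means a service is reachable that nobody has accounted for, which is the finding to feed into the vulnerability report.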
Penetration Test III
Overt and covert
Two teams can be involved:
Blue team: performs a penetration test with the knowledge and consent of the organization's IT staff.
Red team: performs a penetration test without the knowledge of the organization's IT staff but with the full permission of upper management.
This type of test is useful for assessing not only network security but also the IT staff's response to perceived security incidents and their knowledge and implementation of the organization's security policy.
Vulnerability Test I
It is more from a defender's angle when compared to a penetration test.
It can be applied in more general areas (e.g. a nuclear power plant).
It intends to:
Identify, quantify and prioritize the vulnerabilities in a system.
Provide decision-makers with information as to where and when interventions should be made.
Provide early warning of potential dangers.
It can be used as a reference when we are doing a project security assessment.
Vulnerability Test II
Procedure:
1. Defining scope: full-scale vs. targeted testing
2. In-house or out-house test: use in-house resources vs. hire outside consultants
3. Perform the vulnerability test (more on the next page)
4. Reporting and delivering the result
Vulnerability Test III
More on performing vulnerability testing:
1. Gather information: network architecture, topology, hardware and software
2. Use commercial tools to search for vulnerabilities: ISS Internet Scanner, Cybercop Scanner
3. Extra tests to find missed and new vulnerabilities: vulnerabilities missed by the available tools
Legitimacy Consideration
How to handle sensitive data?
Test or real attack? (i.e. extent)
How to clean up test artifacts?
Security test and Risk management
Both the penetration test and the vulnerability test drive the risk management process.
Reporting and documentation procedures are critical.
Summary
Similarities:
Both the penetration test and the vulnerability test intend to identify the potential security problems in the system.
Both of them are important to the risk management process.
Differences:
Attacker vs. defender
Specialization vs. generalization