Saturday, February 16, 2013

M.Tech Thesis work

Hello All

Work to do :-

1. Find the vulnerability into web server using different scanning tools like NESSUS, OpenVAS.

2. Fix this all vulnerability.

3. After Fixing this all vulnerability, Ready to host the website.

4. Put this website into DMZ zone.

5. Set Router Policy [Using ACL].

6. Set Firewall Policy [Using NAT] .

7. Set Gateways Policy [Using IPtables and DNAT].

8. Attack on  web server using different tools like metasploit, fasttrack,etc...

9. Detect this attack and block this attack[ 0day Attack]

Work done by me :-

Analysis :-

Web Application Vulnerability :-
-- OWASP top ten 2013

Scanning Techniques :-
-- OpenVAS

Tools used for attacking web server:-
-- Metasploit
-- Fasttrack

Tools used for detecting Attack :-

Now the thing is that you have to learn first what is the vulnerability present in web application.
So you need to first understand the web application vulnerability.

And than you have to learn how to attack on to the web server. and than you have to prevent this attack.

Your LAB setup is like:-

1. Backtrack 5 R3 used ad Attacker.

2. Web application Server. [ Victim machine].

3. OSSIM. [ Attack Detector]

Now What u have to do is :-

Make 3 machine available for your LAB.
Install Backtrack into one PC.
I m using one vulnerable ISO for web application.Install this Live ISO into another PC. This ISO called gameover.
And I have install OSSIM into 3rd PC to detect attack onto web application.

Now your real work start for finding vulnerability into web server and prevent attack from Hacker.

To scan a web application, there are lots of tools available online like NESSUS, Websecurity, OpenVAS etc. By using this type of tools you need to scan this web application. And find the possible vulnerability into web application.

Now you have to do Pen testing on web application.
For that you have to do all the scanning for vulnerability. and than you have to fix it. For example Patching the system, update OS, Update web server etc.

Now for pen testing on web application, you have to attack on this web application and how you can damage this web application? Find some attack to damage this web application. For this use metasploit or fast track to attack onto web application. or use any other web attack tool for attacking the web server.

Now what is the possible  solution to avoid this attack????

For this you need some script to prevent this attack onto web application.

I m using python scripting language to prevent an attack from hacker.

Diagram of exploitation :-

Now we have Web Application which can b used for attacking.
And also we have attacking tools which is present in backtrack.

Before attacking on any server first you have to find the vulnerability into system.
For this you need to first gather all the information of server and analyse that how it works.
Some steps:-

- Information gathering
- Threat Modeling
- Vulnerability Analysis
- Exploitation
- Post Exploitation
- Reporting

Types of Pen testing :-
- Overt Testing
- Covert Testing

Today I m going to learn about web application firewall.

Solution As per our requirement into OSSIM :-
1. Vulnerability Assessment using OpenVAS, NESSUS[ Schedule scanning, Schedule network scanning etc....] [ use Vulnerability]
2. LDAP integration into OSSIM.
3. NagiOS for Availability Monitoring.
4. NtoP for Traffic monitor into the network.[Also include NFdump,Netflow for monitor cisco]
5. Security Device Event Exchange (SDEE) Protocol [ collect events from Cisco firewall and Router]
6. OCS used for collecting logs from another OS.[used for inventory management]
7. Alaram system for Login failure and success.
8. Windows Event loging by OSSEC and snare. [HIDS]
9. We can write our plug in to avoid attack.
10. Report generation in requred format.
11. E-mail and SMS notification [ iReport and Jasper Server].
12. Detection of Attack [ Host base, Network Based, Wireless IDS]
13.Kismet [ wireless network sniffers]
14. Nmap for port scanner.
15. P0f for OS anomaly detection.
16. Pads for Service anomaly detection.
17. Arpwatch for MAC address anomaly detection.
18. Tcptrack for session monitor [network]
19. Nepenthes [honepot] for detect infected system and malware detection.