Prepare a written proposal for the penetration test plan that describes your fir
Question
Prepare a written proposal for the penetration test plan that describes your firm's approach to performing the penetration test and what specific tasks, deliverables, and reports you will complete as part of your services.
Scenario: You are the owner and operator of a small information security consulting firm. You have received a request from one of your clients, Infusion Web Marketing, to provide a written proposal for performing a penetration test on the company's production Web servers and corporate network.
Environment:
Scope
Production e-commerce Web application server; the e-commerce Web application server is acting as an external point of entry into the network:
Ubuntu Linux 10.04 LTS Server (TargetUbuntu01)
Apache Web Server running the e-commerce Web application server
Credit card transaction processing occurs on all web servers.
Intrusive or Non-Intrusive
Intrusive. The test will include penetrating past specific security checkpoints.
Compromise or No Compromise
No compromise. The test can compromise with written client authorization only.
Scheduling
Between 2:00 a.m. and 6:00 a.m. MST, weekend only (Saturday or Sunday)
Deliverables:
Based on the scenario above, provide a written attack and penetration testing plan. The plan should include these sections:
Table of Contents
Project Summary
Goals and Objectives
Tasks
Reporting
Schedule
Your penetration testing plan should be 2-3 pages in length and should discuss and cite at least three credible or academic references other than the course materials.
Explanation / Answer
Hi,
I have written a small report incorporating all your requirements. However, this may change. And it is just my thinking on the problem.
Table of contents
1. Executive summary
1.1 PROJECT SUMMARY
1.1.1 Approach
1.2 SCOPE
1.3 Goals and Objectives
1.3 KEY FINDINGS
1.3.1 Insufficient Authentication
1.3.2 Improper Input Filtration
1.5 REPORTING
1.6 SCHEDULE
2. CONCLUSION
1. PROJECT SUMMARY
Information security consulting firm has been assigned the task of carrying out Quarterly Penetration Testing of Infusion Web Marketing Pvt Ltd.
This is the second quarter penetration testing report. It was performed on 26.08.2015. The detailed report about each task and our findings is described below.
The purpose of this test is to determine security vulnerabilities in the server configuration and web applications running on the servers specified as part of the scope. The tests are carried out assuming the identity of the attacker or a user with malicious intent. At the same time, due care is taken not to cause damage to the servers.
Scope
Production e-commerce Web application server; the e-commerce Web application server is acting as an external point of entry into the network:
Ubuntu Linux 10.04 LTS Server (TargetUbuntu01)
Apache Web Server running the e-commerce Web application server
Credit card transaction processing occurs on all web servers.
The guidance focuses on the following:
In this section we would like to highlight key findings of the critical issues found during the testing.
1.3.1 Insufficient Authentication:
On some pages <Page nos. 1, 5, 6> a user can log in and get access without a user name and password.
Recommendation:
Proper authentication mechanism should be implemented with a good password policy in place.
1.3.2 Improper Input Filtration:
The input values are not parsed properly. An attacker can exploit this and can insert a single user URL and send it to another user or can even steal session IDs.
Recommendations
All data on all pages should have input as well as output filtering. SQL injections should be mitigated by using stored procedures, and reducing privilege levels with which the database executes.
Due to the impact to the overall organization as uncovered by this penetration test, appropriate resources should be allocated to ensure that remediation efforts are accomplished in a timely manner. While a comprehensive list of items that should be implemented is beyond the scope of this engagement, some high level items are important to mention. Offensive Security recommends the following:
1. Ensure that strong credentials are used everywhere in the organization. The compromise of the system was drastically impacted by the use of weak passwords as well as the reuse of passwords across systems of differing security levels. NIST SP 800-119 is recommended for guidelines on operating an enterprise password policy.
2. Establish trust boundaries. Create logical boundaries of trust where appropriate on the internal network. Each logical trust segment should be able to be compromised without the breach easily cascading to other segments. This should include the use of unique administrative accounts so that a compromised system in one segment cannot be used in other locations.
3. Implement and enforce implementation of change control across all systems: Misconfiguration and insecure deployment issues were discovered across the various systems. The vulnerabilities that arose can be mitigated through the use of change control processes on all server systems.
4. Implement a patch management program: This will help to limit the attack surface that results from running unpatched internal services.
5. Conduct regular vulnerability assessments. As part of an effective organizational risk management strategy, vulnerability assessments should be conducted on a regular basis. Doing so will allow the organization to determine if the installed security controls are properly installed, operating as intended, and producing the desired outcome.
1.5 REPORT:
Tabular Summary:
The following table summarizes the systems vulnerability assessment:
Category | Description
Number of live hosts | 50
Number of vulnerabilities | 29
High, Medium, Info level | 14, 6, 9
1.6 Schedule:
Between 2:00 a.m. and 6:00 a.m. MST, weekend only (Saturday or Sunday).
2. Conclusion:
A penetration test alone provides no improvement in the security of a computer or network. Action needs to be taken to address the vulnerabilities that are found as a result of conducting the penetration test.
Experience has shown that a focused effort to address the problems outlined in this report can result in security improvement. For a system to remain secure, its security posture must be evaluated continuously.
Hope this helps....HAPPY ANSWERING!!!!!!!!!!
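The scenario's rules of engagement (in-scope host, weekend 2:00-6:00 a.m. MST window, no compromise without written client authorization) written as a pre-flight check a tester could run before each step. This is an added example, not part of the original question or answer; it assumes "MST" means a fixed UTC-7 offset, and the names `Action`, `check_action`, `utc` and `written_auth_ref` are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Assumption: "MST" in the scenario is fixed UTC-7 (no daylight-saving shift).
# All names below are hypothetical; only the rule values come from the page.
MST = timezone(timedelta(hours=-7), "MST")
IN_SCOPE_HOSTS = {"targetubuntu01"}          # scope named in the scenario
WINDOW_START_HOUR, WINDOW_END_HOUR = 2, 6    # 02:00 <= local time < 06:00
WEEKEND = {5, 6}                             # Monday=0, so Saturday=5, Sunday=6

@dataclass(frozen=True)
class Action:
    host: str
    when: datetime              # must be timezone-aware
    compromises: bool = False   # True if the step goes past "no compromise"
    written_auth_ref: str = ""  # reference to the client's written authorization

def check_action(action: Action) -> list[str]:
    """Return the rules-of-engagement violations (empty list = allowed)."""
    if action.when.tzinfo is None:
        return ["timestamp is not timezone-aware; cannot evaluate window"]
    problems = []
    local = action.when.astimezone(MST)  # judge the window in client time
    if action.host.strip().lower() not in IN_SCOPE_HOSTS:
        problems.append(f"host {action.host!r} is out of scope")
    if local.weekday() not in WEEKEND:
        problems.append(f"{local:%A} is not a weekend day in MST")
    if not (WINDOW_START_HOUR <= local.hour < WINDOW_END_HOUR):
        problems.append(f"{local:%H:%M} MST is outside 02:00-06:00")
    if action.compromises and not action.written_auth_ref.strip():
        problems.append("compromise requires written client authorization")
    return problems

def utc(y, mo, d, h, mi=0):
    """Build a UTC timestamp, as a tester's logging host would record it."""
    return datetime(y, mo, d, h, mi, tzinfo=timezone.utc)

if __name__ == "__main__":
    # Constructed sample actions (dates chosen for illustration only).
    samples = [
        Action("TargetUbuntu01", utc(2015, 8, 29, 10)),            # Sat 03:00 MST
        Action("TargetUbuntu01", utc(2015, 8, 29, 3)),             # Fri 20:00 MST
        Action("TargetUbuntu01", utc(2015, 8, 31, 9, 30)),         # Mon 02:30 MST
        Action("TargetUbuntu01", utc(2015, 8, 30, 12, 59), True),  # Sun 05:59, no auth
    ]
    for a in samples:
        print(a.host, a.when.isoformat(), check_action(a) or "ALLOWED")
```

The second sample shows why the window is evaluated after conversion: a timestamp that is already Saturday in UTC is still Friday evening in MST.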