
ECSA/LPT

EC-Council

Module XL
Security Patches Penetration Testing

Penetration Testing Roadmap

Start Here
Information Gathering
Vulnerability Analysis
External Penetration Testing
Firewall Penetration Testing
Router and Switches Penetration Testing
Internal Network Penetration Testing
Wireless Network Penetration Testing
Denial of Service Penetration Testing
IDS Penetration Testing
Application Penetration Testing
Stolen Laptop, PDAs and Cell Phones Penetration Testing
Social Engineering Penetration Testing
Password Cracking Penetration Testing
(contd)

Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited

Penetration Testing Roadmap (contd)

Physical Security Penetration Testing
Database Penetration Testing
VoIP Penetration Testing
War Dialing
VPN Penetration Testing
Virus and Trojan Detection
Log Management Penetration Testing
Bluetooth and Handheld Device Penetration Testing
File Integrity Checking
Data Leakage Penetration Testing
Security Patches Penetration Testing
Email Security Penetration Testing
Telecommunication and Broadband Communication Penetration Testing
End Here

Patch Management
Patch management is the part of system management that involves acquiring,
testing, and installing patches on an administered computer system.

Patch management tasks include:

Maintaining current knowledge of the available patches.
Deciding what patches are appropriate for the particular systems.
Ensuring that patches are installed properly.
Testing systems after installation.
Documenting all associated procedures, such as specific configurations required.

Patch and Vulnerability Group (PVG)

The PVG deals with vulnerability remediation efforts such as OS patching,
application patching, and configuration changes.

Responsibilities of the PVG:
Conduct testing of patches and non-patch remediation
Create a database of remediation
Distribute information related to vulnerability and remediation to the local administrators
Configure automatic update of applications
Monitor security sources for vulnerability announcements, such as patch and non-patch remediation

Penetration Testing Steps

1. Check if the organization has a PVG in place
2. Check whether the security environment is updated
3. Check whether the organization uses automated patch management tools
4. Check the last dates of patching
5. Check the patches on non-production systems
6. Check the vendor authentication mechanism
7. Check whether downloaded patches contain viruses
8. Check for dependency on new patches

Step 1: Check If the Organization Has a PVG in Place

Check whether the organization has a Patch and Vulnerability Group (PVG) team.

Step 2: Check Whether the Security Environment Is Updated

New types of vulnerabilities may arise with the installation of new patches.

These new patches may affect the security environment.

Try any malicious action on the system, and check whether the security
environment, such as the firewall, antivirus, and security software tools, is updated.

Step 3: Check Whether the Organization Uses Automated Patch Management Tools

Check whether the organization uses automated patch management tools,
such as ZENworks Patch Management and UpdateEXPERT.

Step 4: Check the Last Dates of Patching

Check whether the database is maintained for patching by the PVG.

Check the last date when a patch was installed.

Step 5: Check the Patches on Non-Production Systems

Patches may contain malicious code that affects the system.

Before installing on the main system, check whether the patches and
configuration modifications are tested on the non-production systems.

Step 6: Check the Vendor Authentication Mechanism

Check whether the downloaded patches are checked against any of the
authentication methods.

The authentication method can be:

Cryptographic checksums.
Pretty Good Privacy (PGP) signatures.
Digital certificates.
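A sketch of the cryptographic checksum method from Step 6, added here as an illustration and not part of the original slides: it checks every file in a download directory against a sha256sum-style manifest. The file names, manifest contents and function names are constructed for the example.

```python
import hashlib, hmac, tempfile
from pathlib import Path

def parse_manifest(text):
    """Parse sha256sum-style lines ('<hex digest>  <filename>') into a dict."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        entries[name.strip().lstrip("*")] = digest.lower()
    return entries

def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large patch bundles do not load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify_patches(directory, manifest_text):
    """Classify each file as ok / mismatch / unlisted; absent entries are 'missing'."""
    expected = parse_manifest(manifest_text)
    result = {}
    for path in sorted(p for p in Path(directory).iterdir() if p.is_file()):
        if path.name not in expected:
            result[path.name] = "unlisted"
        elif hmac.compare_digest(sha256_file(path), expected[path.name]):
            result[path.name] = "ok"
        else:
            result[path.name] = "mismatch"
    for name in expected:
        result.setdefault(name, "missing")
    return result

def demo():
    """Constructed sample: one intact file, one altered, one unlisted, one missing."""
    with tempfile.TemporaryDirectory() as d:
        (Path(d) / "patch-a.bin").write_bytes(b"patch A contents")
        (Path(d) / "patch-b.bin").write_bytes(b"patch B altered")
        (Path(d) / "patch-x.bin").write_bytes(b"not in manifest")
        manifest = "\n".join([
            hashlib.sha256(b"patch A contents").hexdigest() + "  patch-a.bin",
            hashlib.sha256(b"patch B original").hexdigest() + "  patch-b.bin",
            "0" * 64 + "  patch-c.bin",
        ])
        return verify_patches(d, manifest)
```

A checksum fetched from the same location as the patch only detects corruption in transit; for authentication the manifest has to arrive over a separately trusted channel or carry a signature (PGP or certificate-based) that is itself verified.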

Step 7: Check Whether Downloaded Patches Contain Viruses

Try to download a malicious or virus-infected patch onto the system.

Run an anti-virus tool over the downloaded patch and check whether the
anti-virus tool detects the virus or not.

Check whether the virus signature database or anti-virus program is up to date.

Step 8: Check for Dependency of New Patches

Check whether there is dependency between the patches if installed sequentially.

Check whether installing a new patch inadvertently uninstalls or disables
another patch.
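One way to carry out both Step 8 checks, added here as an illustration and not part of the original slides: order patches by their prerequisites, then compare the installed-patch inventory before and after a patch run. The patch IDs, the catalog layout (`requires`, `supersedes`) and the function names are hypothetical.

```python
from graphlib import TopologicalSorter  # Python 3.9+

# Constructed catalog (hypothetical patch IDs): prerequisites and superseded patches
CATALOG = {
    "P-101": {"requires": [], "supersedes": []},
    "P-102": {"requires": ["P-101"], "supersedes": []},
    "P-103": {"requires": ["P-102"], "supersedes": ["P-101"]},
    "P-104": {"requires": ["P-100"], "supersedes": []},
}

def install_order(to_install, catalog):
    """Order patches so each prerequisite precedes its dependant (CycleError on loops)."""
    wanted = set(to_install)
    graph = {p: set(catalog[p]["requires"]) & wanted for p in to_install}
    return list(TopologicalSorter(graph).static_order())

def audit_install(before, after, catalog):
    """Compare installed-patch inventories taken before and after a patch run."""
    before, after = set(before), set(after)
    superseded = set()
    for p in after:
        superseded.update(catalog.get(p, {}).get("supersedes", []))
    findings = []
    # A patch that vanished without being superseded was uninstalled or disabled
    for lost in sorted(before - after):
        if lost not in superseded:
            findings.append(("removed", lost))
    # Every installed patch needs its prerequisites present or superseded
    for p in sorted(after):
        for req in catalog.get(p, {}).get("requires", []):
            if req not in after and req not in superseded:
                findings.append(("missing-prerequisite", p, req))
    return findings

if __name__ == "__main__":
    print(install_order(["P-103", "P-101", "P-102"], CATALOG))
    print(audit_install({"P-101", "P-102"}, {"P-103", "P-104"}, CATALOG))
```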

Security Checklist for Patch Management

Organizations should create a patch and vulnerability group (PVG).
Organizations should use automated patch management tools.
Download the patches from the home site of the product.
Scan the patches for viruses.

Patch Management Tools

Altiris Patch Management Solution
ANSA
BigFix Patch Manager
BindView Patch Management
C5 Enterprise Vulnerability Management Suite
Ecora Patch Manager
eTrust Vulnerability Manager
GFI LANguard Network Security Scanner
Hercules
HFNetChkPro
HP OpenView Patch Manager using Radia

Patch Management Tools (contd)


LiveState Patch Manager
ManageSoft Security Patch Management
Marimba Patch Management
NetIQ Vulnerability Manager
Opsware Server Automation System
PatchLink Update
PolicyMaker Software Update
Prism Patch Manager
SecureCentral PatchQuest
Security Update Manager

Patch Management Tools (contd)

Systems Management Server
SysUpdate
UpdateEXPERT
Windows Server Update Services
ZENworks Patch Management
LANDesk Patch Manager
Service Pack Manager
Sitekeeper (Patchkeeper module)
Software Update Services
Kaseya Patch Management

Summary
Patch management is the part of system management that involves acquiring,
testing, and installing patches on an administered computer system.

New types of vulnerabilities arise with the installation of the latest patches.

Organizations should create a patch and vulnerability group (PVG).
