Penetration Plan Essay

* Check existing security scan reports, from WireShark and NetWitness Investigator, and see if we can identify data leakage, and setup new policies and procedures for monitoring web servers and applications.

While both Wireshark and NetWitness Investigator can be used to capture network traffic, the freeware version of NetWitness Investigator has a limitation of 1G of protocol capture per session. Wireshark does not have a limitation on the size of the capture file, which makes it better suited to protocol capture. Wireshark can be used to analyze capture files, but NetWitness Investigator is a seven-layer protocol analyzer that provides detailed protocol analysis and protocol behavior analysis and is much more user-friendly in terms of understanding protocol behavior and protocol analysis.

First, let’s talk about Wireshark, it is the most common network packet analyzer used worldwide, perhaps one of the best open source (free) packet analyzers today. It lets you capture and interactively browse the traffic running on a computer network, helping you analyze and manage the traffic in your network. Like a measuring device used to examine what is going on in your network cable, like a voltmeter used by an electrician to examine what is going on inside an electric cable. Therefore, gives you the tools to do in depth network analysis, it will try to capture network packets and display them as detailed as possible for analysis. Furthermore, used for troubleshooting network problems, examine security problems, debug protocol

Companies should develop a control that requires that routine vulnerability assessment of their customer facing web sites, network infrastructure, and associated systems (such as database systems). Vulnerability assessment can help identify potential weaknesses to systems and also provide a sort of feedback to the organization’s IT department on their current operational policy and security posture. The cost of performing a routine vulnerability assessment is considerably less than that of an actual data breach.

Our company is looking for security threats inside and outside their network. The best way to see what our network is vulnerable to is to use penetration testing (pen-testing) to find the leaks in and out of our network. Penetration testing is a network security approach that simulates an attack from an intruder trying to get unauthorized access to the infrastructure. With this type of testing the intent is to discover flaws in the security settings of the system before they can be exploited. Information Assurance Research Corporation (IARC) should conduct penetration testing on a regular basis, so we have the ability to locate weaknesses in the hardware and software, check the security controls currently established and determine if the

In this lab, we learned how to find the IP address, Subnet Mask, and the Default Gateway, and we learned how to ping a destination address, and how to understand the output. From performing these commands, I learned how to not only find the information about a device, but how to send a ping, or echo, in order to

Wireshark is an open-source program which enables users to actively capture and interact with the network traffic which is being funnelled through the computer. Commonly, pieces of software which do this are referred to as ‘packet sniffers’ - As the program is recording the packets which pass through the network.

3. Implement effective monitoring of networks through the use of electronic scanning in order to

Restaurants have a tendency to be targets for cyber criminals. These criminals steal and reconfigure the payment card data for their own purposes. At the Heartland Cafe, Tom has a chance to be a target for a cyber attack by being in a high-traffic area. If the customer is compromised, Heartland Cafe will quickly lose public trust and perhaps Tom will lose the business altogether. Extra measures toward risk management should be taken to ensure that the business itself remains safe. Compliance with PCI-DSS protocols, PTS requirements and the franchisor should inform the franchisee of any software that could translate

The penetration tools provided in this document allow us to review our network from a security standpoint. This paper focused predominantly on phase two of a penetration test, the exploitation phase; however, a successful penetration test typically starts with the reconnaissance phase. In this phase, the tester attempts to gain as much information about the target company and its network as possible. He or she will test the physical infrastructure (how do people gain access to the building?) and other organizational aspects of the company to find a weakness and a way to get in. Also during this portion of the test, the penetration tester will use tools such as NMAP, whois.com, and other resources to obtain information regarding the network

We should perform Attack and Penetration tests to identify vulnerabilities in our network which can be accessed by hackers. Attackers sniffing on the network look for weak points in the network, thus knowing the weak points using internal and external attack and penetration tests will make our network more secure.

10. There are four phases of penetration testing, according to NIST. They are planning, discovery, attack, and reporting. In the planning phase, rules are identified, management approval is finalized, and testing goals are set. The discovery phase starts the actual testing. Techniques commonly used in the discovery phase include port scanning, DNS interrogation, whois queries, search of the target organizations web servers, search of the LDAP, packet capture, NetBIOS enumeration, and Banner grabbing. While vulnerability scanners only check that a vulnerability may exist, the attack phase of a penetration test exploits the vulnerability, confirming its existence. The reporting phase occurs simultaneously with the other three phases of the penetration test.

When system administrator sent a ping request using a computer technology called ICMP echo request, the machine received the echo request packet and will send a reply

This report documents the results from the penetration test of the Ernst and Young Credit Union external website (http://10.55.3.101). Full authorisation has been given to conduct the test, which was carried out in a manner that simulates an attack from a malicious user. The objectives were to:

A good place to begin with any examination is with the statistical and metadata information that can be uncovered within the packet capture. Using Wireshark Protocol Hierarchy Statistics, we can see that the traffic consists mainly of DNS datagrams (figure 1).