Rapid7 has many tools, such as Metasploit, software that runs many exploits against a target machine.
“It is the world’s most used penetration testing software”.
The hackers are using it, it is a great teaching tool, and of course we would use it in some of our testing on your systems to see if we can penetrate them and make the machine what is termed “pwned”, an offshoot of “owned”. Hackers have pride and like to show off as well. That is what they do.
Let us know if we can test your systems so that you know for sure how they operate with a specific attack, rather than not knowing and being unaware.
Is there a weak link?
Is your firewall all patched up? Does it have the latest firmware? Are all ports closed that should be closed? Are the ACL (Access Control Lists) parameters working correctly?
Does the webserver have software running that should not be running?
Who has checked your computers for misconfigurations?
We can help with our testing services: (A – Σ – Ω)
Also at our solutions page: http://oversitesentry.com/?page_id=26
We use Kali Linux (a penetration test suite to view the status of your computers) to create reports that you can then use to fix the configurations.
Malwarebytes has a good FAQ about the Heartbleed problems, which we have also posted about in our own blog on Oversitesentry.
Essentially there are online tools (LastPass) to find out if the website you are using is vulnerable.
If vulnerable – you can assume that your communication with that site can be compromised. Will it be? Let's discuss this; sure, it may not be. So this may seem like alarmism to you. The problem is there are millions of hackers on the Internet, and they are working full-time to hack you.
That is their job – they have decided to make a life of hacking. And since the Internet allows everyone to connect to each other, these criminals are trying to hack you all the time.
So yes – it may sound like alarmism, but there is a reason for this. People do get hacked, and lose their financial identity. That is not a joke. True, there are a lot of vulnerabilities, and it seems we are saying patch this and that all the time…
But that is the new world we live in – 6 billion people in the world, of which X are connected and Y are criminals. Y = at least a million. Do you want to risk a million criminals’ attempts – and “hope” you will not get hit?
First of all, there are many ways a system can become vulnerable; we will not look at malicious or badly configured machines.
We will look at a way a vulnerability is created over time without anyone meaning to.
I was installing some software the other day… and noticed that while it installed itself it also created a service which allows a browser to open it like this: http://localhost:33308/ which means it created a “port” or service at 33308. localhost is your own computer.
But imagine it is a year or two from now and you did not update this software as changes were made to it. What if a security vulnerability was found and the “old” version at 3.4.0 is vulnerable and can be circumvented with the new Metasploit version – which exploits old vulnerabilities?
Now, presto: you thought you were safe, but have not considered that the software you downloaded a long time ago is not secure anymore. Hackers will find a way in, that is what they do. Your IT department does not know this software is running, or if they do, they may not have handled it either – especially if it is non-standard. How do you know?
The browser session of the python port 33308.
Well, the only way to know is to audit or review your systems… What ports are open? What are they supposed to be doing? Is email supposed to be running on the local system? That is a red flag.
Use our services: (A – Σ – Ω) Solution to find out. Contact us.
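One way to run the audit described above, as an added example that is not part of the original post: it parses the output of ss -tlnp (a constructed sample is embedded), compares each listener against an approved-port baseline, and reports the forgotten port 33308 service and a local mail listener. The baseline, the sample lines, the process names and the PIDs are assumptions made for illustration.

```python
import re

# Mail ports: the post calls a mail service listening on a local system a red flag.
MAIL_PORTS = {25, 465, 587}
PROC_RE = re.compile(r'\(\("([^"]+)",pid=(\d+)')

def parse_listeners(ss_output):
    """Parse `ss -tlnp` text into (address, port, process) tuples."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header or blank line
        addr, _, port = fields[3].rpartition(":")
        m = PROC_RE.search(line)
        # The process column is missing when ss is run without root privileges.
        listeners.append((addr.strip("[]"), int(port), m.group(1) if m else "unknown"))
    return listeners

def audit(ss_output, approved_ports):
    """Return one finding per listener whose port is not in the approved baseline."""
    findings = []
    for addr, port, proc in sorted(set(parse_listeners(ss_output)), key=lambda l: l[1]):
        if port in approved_ports:
            continue
        loopback = addr in ("127.0.0.1", "::1")
        scope = "loopback only" if loopback else "reachable from the network"
        reason = "mail service on a workstation" if port in MAIL_PORTS else "not in baseline"
        findings.append({"port": port, "process": proc, "scope": scope, "reason": reason})
    return findings

# Constructed sample of `ss -tlnp` output (not captured from a real host).
SAMPLE = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=802,fd=3))
LISTEN 0      128    [::]:22            [::]:*            users:(("sshd",pid=802,fd=4))
LISTEN 0      100    0.0.0.0:25         0.0.0.0:*         users:(("master",pid=910,fd=13))
LISTEN 0      5      127.0.0.1:33308    0.0.0.0:*         users:(("python",pid=4121,fd=3))
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE, approved_ports={22}):
        print(finding)
```

Every finding is a question for whoever owns the machine: what installed this service, which version is it, and is it still being updated?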
Wired had an article a while ago (January 6th 2014)
To understand the problem, you need to understand the embedded systems market.
The problem is the chip manufacturers make custom devices with custom parameters that frequently have exploitable services. And they do not get patched, since no one tests them.
We have found viruses on these machines. And the only way to fix them is either to disconnect from the Internet or to wait for the manufacturer to provide a fix. This fix may take months.
You must test your whole environment, not just the known network devices, since someone may have plugged in an appliance which becomes vulnerable to easy-to-use hacker programs.
Use our Solutions page to help you decide how we can help.
“Casing” can also be called enumeration, where the hacker reviews what type of systems you have on the Internet.
It is the first step in attempting a breach into your infrastructure.
Here is where a scan would find out what type of programs you are running.
Then the (unethical of course) hacker attempts to break your defenses. Hopefully you have the latest patches, the passwords are tough to crack and so on.
Once the hacker has a beachhead the attacks are now different in nature, as now they are in the network and attacks are coming from the inside. One of the first things they do is to increase their capabilities by attaining more permissions and more systems.
Second, the hacker will create their own accounts, so they can come and go as they please.
Third, the hacker will take what they were looking for or use your computers to create more attacks. It depends on who the hacker is and their goals.
PCISecurityStandards.org has a website and its response to the Target data breach:
“As part of this security effort, the Council maintains that adherence to and maintenance of the Payment Card Industry Data Security Standard (PCI DSS) is the best defense against data breaches.”
What is this “adherence to the PCI DSS”?
To look at the actual requirements and procedures you have to agree to their terms and conditions.
The standard says to maintain a vulnerability management program.
Among other items:
NIST SP800-115 is the sample standard for penetration testing methodologies.
Examine Security policies and procedures.
“Verify responsibility” is sprinkled in multiple times in the PCI DSS standard. Each person or team with responsibilities should be clearly aware of their responsibilities.
I know a “Guidance” that would make PCI DSS even stronger: Use an independent reviewer (second pair of eyes) such as Fixvirus.com
Dark Reading has an interesting article about how Target was compliant with PCI (Payment Card Industry) standards and it was not enough.
The Point of Sale terminals were infected with malware specific to Point of Sale terminals, which stole the CC# and the 3-digit CV code as well. So it was designed to steal the complete magnetic strip information.
Many parties may be to blame in this, but what can you do in the meantime?
Test your systems – check for malware, in an automated manner. If there are unknown pieces of software or ports open on your computers, then that means more investigation and cleaning of the systems is required.
Use our Alpha-A, Sigma-Σ, and Omega-Ω services. (A – Σ – Ω)
On today’s Internet Storm Center Diary:
Johannes noticed an odd attack coming from what turned out to be a DVR in China.
This is the shape of things to come: unattended devices which never get patched will be attacked and then used to attack your infrastructure.
This is why it behooves you to work hard to remove all the vulnerabilities one can.
Use our minimal Alpha Scan, which allows a minimal scan and review; it is as unintrusive as viewing a webpage without any scripting.
It is important to patch all your Internet-facing devices. Because if you don’t, eventually someone will use your Internet bandwidth and computing resources for their own uses.
One does not have to be on the cutting edge of technology to be secure.
But in my hacking classes (where we try to attack other computers with Metasploit) it is obvious very quickly that a patched machine, even a WindowsXP system, is much harder to crack.
Now of course, WindowsXP happens to be almost obsolete. On April 8th Microsoft has said it will no longer support updates to Microsoft WindowsXP operating system. Here is a link for Enterprises to help with the transition away from WindowsXP.
So other than End Of Life operating systems, one does not need to stay up on the latest OS to have a secure computer; just keep up with the patches and you will be more secure than many others.
The key is to review your systems and network environment for unknown gotchas.
Contact Us as we can help with your review process. Our products:
(A – Σ – Ω)