@Merlin Welcome back one more time to INFOSEC 2003! Today with us is Oscar E. Ruiz Bermúdez from Bogotá D.C., COLOMBIA, with his work "Test of Penetration in a Data Network". Well... if there is nothing more to say, let's continue. I remind you: #infosec is the talk, #redes the translation, and #qc the questions.
@Merlin TESTS OF PENETRATION IN A DATA NETWORK
@Merlin 1. INTRODUCTION
@Merlin http://www.giac.org/practical/Oscar_Ruiz_GSEC.doc
@Merlin The digital world hardly differs in anything from the real world; it is defined as
@Merlin the reflection of how we live nowadays, and this is how one should begin
@Merlin to visualize the concept of computer security and of the areas associated with
@xpato has it started yet?
@Merlin it, as far as auditing is concerned, which relies on penetration tests as a feedback process that contributes to a high degree to the securing, management and maintenance of information systems.
@Merlin In the real world there is a great variety of human beings, with different activities, interests, tastes, customs and cultures, constituting the human biodiversity, which, like
@Merlin every system, tends to maintain a balance in order to coexist and to guarantee its survival in the future.
@Merlin From the beginning of humanity a balance between good and evil has existed, stigmatized in each of the cultures and therefore with multiple conceptions; for example, laws have been designated to typify and classify different behaviors that
@Merlin have evolved with the passage of time, which causes new ways of acting to exist day by day and therefore new ways to regulate. That is the challenge to be faced when confronting and interacting with the digital world, knowing beforehand that
@Merlin there has to be control over a diversity of users to guarantee a balance that allows operation, through schemes that prevent, detect and react to behaviors that in some cases have not been contemplated in the present legislation.
@Merlin Computer security is then a set of rules, called security policies, which are implemented and supported by schemes that involve hardware, software and
@Merlin people, who additionally rely on processes like auditing for their evaluation and updating, which can and must be alternated with penetration tests for their benefits. The present document aims to create a methodology oriented to
@Merlin penetration tests that covers a high percentage of the most common weaknesses of a technological platform.
@Merlin 2. DESCRIPTION
@Merlin Penetration tests form part of the processes of securing, maintaining and evaluating an information system; their mission consists of testing the security policies implemented
@Merlin in a technological platform, using a set of techniques that result in an analysis that demonstrates all the weaknesses that put at risk the confidentiality, integrity and availability of the information, giving a starting point to
@Merlin proceed with adjustments to the security policies and generating feedback with other processes, real knowledge of the present situation, and determining the optimization and/or application of new technologies and processes that increase the degree of reliability.
@Merlin 3. OBJECTIVE
@Merlin The general objective of a penetration test is, by means of its execution, to detect the weaknesses and to contribute recommendations to the security process of a
@Merlin technological platform; it also seeks to enrich the processes of continuous improvement of the audit, management and maintenance of an information system.
@Merlin 4. JUSTIFICATION
@Merlin Technology has facilitated and noticeably improved the way companies work, and has offered speed in their operation through the use of information systems,
@Merlin continuously generating better performance, reflected in the satisfaction of the final client; unfortunately this goes along with a series of serious disadvantages when the
@Merlin technology does not operate correctly. Supposed losses of performance in the servers, continuous disconnection of the workstations, frequent falls of the communication
@Merlin channels are just some examples that companies experience at present, where probably the most serious problem is ignorance of the causes of these problems
@Merlin for lack of knowledge, tools or specialized services, and even worse when the organization faces the use of the Internet as a means of commercializing its goods
@Merlin and as a basic tool for its operation.
@Merlin To face this almost obligatory alternative is a challenge that must be confronted seriously, since information systems are remarkably at risk and therefore they
@Merlin must be protected through a culture of continuous improvement, generating a security policy totally open to changes, but of obligatory character in its fulfillment. Finally, the application of the most advisable technologies for the working environment
@Merlin of the company is determined, which reflect 100% the decisions taken in the established policy. The penetration tests must be made once the operation and security policies are defined; also the technological infrastructure has to be
@Merlin 100% assured, and the results must feed back into the audit process, with which the cycle of continuous improvement must be set in motion.
@Merlin 5. RESOURCES
@Merlin 5.1 Human
@Merlin You must count on a human group whose knowledge covers the following areas: operating systems, networking, applications and telephony; in addition it is important
@Merlin to have contact with and/or access to the underground world (recognized groups of hackers).
@Merlin 5.2 Logical and physical
@Merlin Computer or computers with different operating systems like: Windows 2000, Linux, Solaris, BeOS, OS/2. Connectivity to the private or public network, through an analog or digital modem, network adapter, wireless, etc.
@Merlin Tools such as applications, devices and specialized techniques, considered in some cases as hacking tools:
@Merlin - Port scanners: tools that detect the existence of equipment in a network, and the services it offers.
@Merlin Commercial: WS Ping ProPack
@Merlin Free: Nmap, Hping, Jackal, Cheese
@Merlin - Vulnerability analyzers: tools that make automated verifications of vulnerabilities.
@Merlin Commercial: CyberCop Scanner, ISS, Retina. Free: Nessus, SAINT, SARA
@Merlin - Sniffers or traffic analyzers: tools that capture all the visible traffic in a network segment, being able to capture users and passwords of protocols that do not use encryption schemes.
@Merlin Commercial: NAI Sniffer, I dominate, Advisor
@Merlin Free: Analyzer, Ethereal, Tcpdump
@Merlin - Password crackers: common tools that try to obtain the access passwords to a system by means of dictionaries, lists of passwords and brute force.
@Merlin Commercial: L0phtCrack.
@Merlin Free: John the Ripper, Crack
@Merlin - Trojan horses: software catalogued as viruses, whose objective is to take control of computers and/or servers.
@Merlin Examples: Netbus, SubSeven, Back Orifice
@Merlin - Network management: software to detect configurations and information originating from SNMP agents and readings of MIBs.
@Merlin Commercial: Unicenter TNG, Tivoli, HP OpenView, WhatsUp, Insight Manager, TopTools, Dell OpenManage, Transcend, CiscoWorks, NetView, Nways Campus Manager, SMS
@Merlin - Social engineering: it comprises a set of tactics catalogued as the most powerful weapon for access to IS, based on common sense and human error.
@Merlin - Impersonation (supplanting): the most transparent, effective and destructive hacking technique, which seeks to supplant an authorized user in order to obtain
@Merlin access to any type of information, carried out through the use of trojans, the cracking of access keys and social engineering.
@Merlin 6. METHODOLOGY
@Merlin 6.1 International policies and standards
@Merlin As an introduction to the proposed methodology, the existing policies and international standards are mentioned, where the penetration tests become vital; although
@Merlin they are only a single task within these, it is very important to know the context in which they are developed. Next will be a brief review of the standards which have
@Merlin arisen over time, as well as the ones used at present.
@Merlin Trusted Computer System Evaluation Criteria (TCSEC, Orange Book)
@Merlin Developed by the government of the United States in 1980 to provide a standard for the manufacture of governmental systems and as an evaluation criterion to
@Merlin determine the degree of confidence that an information system fulfills; also known as the Orange Book.
@Merlin Trusted Network Interpretation (TNI): given the necessity to interchange information and with the evolution of computer networks, the necessity of an
@Merlin evaluation criterion is born, which in 1987 is developed by the government of the United States and based on the interpretation of the TCSEC for computers and network communications systems.
@Merlin International Technology Security Evaluation Criteria (ITSEC)
@Merlin Developed by European countries, it is born of the combination of the criteria of the
@Merlin Orange Book and the best European evaluation criteria; additionally it covers integrity and availability, which the TCSEC did not have.
@Merlin Common Criteria (CC): represents the efforts of the international community in aligning and developing a criterion for security evaluation, as a result of the
@Merlin European and North American standards. The Common Criteria combines the best elements of the ITSEC, the CTCPEC (of Canada) and the North American
@Merlin Federal Criteria (FC); the intention of the Common Criteria is to identify and evaluate characteristics in products and systems, which are ratified by the ISO 15408 standard.
@Merlin ISO 17799
@Merlin This is based on the 1995 British standard BS7799 and developed to provide coherence with the controls involved in the best practices in information
@Merlin security, where the only source of information is the company C & A Systems Security LTD.
@Merlin 6.2 Proposed basic methodology
@Merlin 6.2.1 Description
@Merlin As a global vision for the development of the penetration tests, it has a physical and logical integral perspective, internal and external to the objective; analogously it is
@Merlin described as the integration and comparison between the real world and the virtual world; consequently one resorts to the application of the scientific method as the
@Merlin methodology to follow, from which the processes of obtaining information, analyzing the information and formulating hypotheses, and experimentation (development
@Merlin and use of tools) are derived, and finally the documentation of the results and conclusions; through the analysis of the results obtained in each of the
@Merlin processes, the strategy and tactics to use are established. The proposed strategy is supported by several known techniques such as social engineering, common
@Merlin sense and the application of hardware and software tools. Four phases have been designated that seek to contribute information to the process of securing
@Merlin the information, with the results obtained and based on the cycle of prevention, detection and response.
@Merlin 6.2.2 Phase 1: Obtaining information
@Merlin The use of scenarios has been defined; each of these represents a type of user, and information is compiled according to the type of connection. The first two scenarios, A and
@Merlin B, have restricted profiles (according to standard security policies); the remaining two have privileged access: scenario C on the platform, and scenario D
@Merlin establishes a physical and/or logical connection on the network and is independent in the administration and execution of processes and tasks on a computer.
@Merlin Scenarios:
@Merlin Scenario A: Known user - Common user
@Merlin Scenario B: Known user - User with advanced knowledge
@Merlin Scenario C: Known user - System administrator user
@Merlin Scenario D: User external to the company
@Merlin Types of connection:
@Merlin LAN: Locally connected user
@Merlin INTRANET: User connected from the internal network.
@Merlin EXTRANET: User connected from an external network (partner)
@Merlin INTERNET: User from an external connection.
@Merlin 6.2.3 Phase 2: Analysis of the information and formulation of hypotheses
@Merlin Based on the collected information, the group of experts analyzes and classifies the possible weaknesses detected by criticality levels; this seeks to feed the phase of
@Merlin tool application according to the type of detected services, and the formulation of hypotheses, which represents a diagnosis of the present state of the technological
@Merlin platform at issue. Afterwards these hypotheses are validated with the experimentation process.
@Merlin 6.2.4 Phase 3: Experimentation (Development and use of tools)
@Merlin In the first instance one resorts to the DNS search of the servers associated with the domain;
@Merlin an example of a tool that contributes to this task is the nslookup.exe command of the Microsoft Windows NT/2000 operating system.
@Merlin Once the public servers are identified, three possibilities of global operation can be faced, depending on the physical location of the technological infrastructure:
@Merlin 1. External: Internet Solutions Provider (ISP) + Applications Solutions Provider
@Merlin ASP.
@Merlin 2. Internal: ISP + Department of Computer Science and Technology
@Merlin 3. Mixed: ISP + ASP + Department of Computer Science and Technology
@Merlin Once the model of global operation is identified, one proceeds to identify the models of operation for the provision of services; these models can nowadays be mixed according
@Merlin to the operating policy of the company; these are generally known as:
@Merlin Outsourcing: service of renting and administration of IT operation.
@Merlin Hosting: service of renting services in the servers of an ISP or ASP.
@Merlin Housing: service of renting physical space in an ISP, mainly for the
@Merlin communications equipment and servers of the company.
@Merlin Insourcing: service of administration of the company's servers by a third party.
@Merlin IT Department: the administration service for the company's servers is assumed internally.
@Merlin The question then arises: how to identify and classify the models of global operation and services? The answer is the use of commands and applications of the operating system like: ping, tracert, nbtstat, net, finger, FTP, telnet, TFTP, among
@Merlin others, that help to obtain information on the services in the public servers, the communications equipment, the private network and the security scheme that may be in use for its protection.
@Merlin It is important to point out that through the use of commands and applications of the operating system it is possible to obtain important information which, knowingly or not, the company does not have; one has to immediately begin to evaluate the
@Merlin degrees of administrative privileges on the computers for the users, who in most cases have full control, allowing not only access to the configurations but also the installation of non-authorized software.
@Merlin When facing this type of situation, it is a potential exposure that a user with knowledge or simple curiosity begins to install and test the different types of tools
@Merlin mentioned previously in the data network. Once the obtaining of information is done, and based on the analysis of the results obtained from the use of commands and
@Merlin applications, it is possible to determine a type of situation and global weakness of the platform:
@Merlin Situation A: they do not have a security scheme.
@Merlin Possible weakness: total ignorance of the concept of computer security.
@Merlin Situation B: they have an incomplete security scheme with faults and/or administered, and possibly monitored.
@Merlin Possible weakness: security policies are not defined; faults or omission of
@Merlin elements in the security scheme like: rules in the firewall, content filtering, intrusion detection, decoys, VPN, PKI, etc.
@Merlin Situation C: they have an installed security scheme, administered and possibly monitored.
@Merlin Possible weakness: vulnerability of the scheme due to faults in maintenance and/or human faults.
@Merlin In each of these situations elements of the technological platform and of the security scheme used for its protection have been identified; the following step is to
@Merlin use the tools to verify and evaluate the degrees of prevention, detection and reaction of the system, using as the basis of evaluation the alarms and logs generated in the
@Merlin use of these. The results obtained through the use of these tools can yield the following situations:
@Merlin Use of unsafe services on concentrators (hubs): it represents a high risk for the information system since any connected user could listen to the data, users and access keys
@Merlin of the following services: electronic mail, Web, client/server applications, database queries, among other services. Use of unsafe services on switches
@Merlin (Switches): although it diminishes the risk of listening, other possibilities are left open that would have to be evaluated, like: port mirroring, segmentation
@Merlin (VLANs) and management (SNMP).
@Merlin Identification of the services, weaknesses and password schemes: it represents a high degree of risk when the technological platform and the
@Merlin information system are exposed publicly, underestimating the use of security elements and/or implementations with faults. Access to the services directly on the production server:
@Merlin it represents a high risk for the information system since any connected user could compromise the computer and the services available. Services protected by firewall:
@Merlin although it diminishes the risk of direct connection, other possibilities are left open that would have to be evaluated, such as the content filter on the services, the
@Merlin intrusion detection systems, decoys, PKI, VPN, among others.
@Merlin Services protected by a security scheme: when one faces this type of situation, the commitment of the personnel to the company's security policy must be
@Merlin evaluated; one then looks for human error through techniques of social engineering and impersonation (supplanting).
@Merlin 6.2.5 Phase 4: Documentation of the results and conclusions
@Merlin A document that compiles all the information obtained in the different phases, summarizes the analysis of the results and the documentation of the tests; in addition it raises the recommendations that contribute to the cycle of continuous
@Merlin improvement, contributing to the adjustment of the established security policies and consequently of the implemented security system, this with the purpose of
@Merlin controlling those services that were not considered initially or which are totally new within the scheme and which potentially represent a source of danger
@Merlin against the integrity, confidentiality and availability of the information.
@Merlin Finally, it is very important that 100% of the employees of the company, based on
@Merlin the experiences obtained or reported, are committed to and contribute to the fulfillment of the security policies; in this way a great step is taken in the social adoption of a culture of computer security.
@Merlin 7. BIBLIOGRAPHY
@Merlin Common Criteria or ISO 17799:
@Merlin http://www.sans.org/infosecFAQ/standards/ISO17799.htm
@Merlin Underground:
@Merlin www.astalavista.com
@Merlin Security Site (Spanish):
@Merlin www.kriptopolis.com
@Merlin Documents of Asociación Colombiana de Ingenieros de Sistemas:
@Merlin http://www.acis.org.co/Paginas/publicaciones/archivos.html
@Merlin Understanding Ethical Hacking:
@Merlin http://www.itp-journals.com/search/m04133.htm
@Merlin Well, in this way we have concluded the topic. Thanks to everybody for staying here, and we await the next time.
@Merlin Thanks for your time
Vegas that was well translated Merlin
Vegas and thanks for _your_ time
BLiND_MaN thanks for your time!!!
osu hello. are the logs of these talks being saved?