LPTv4 Module 41 Data Leakage Penetration Testing

  • 7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing

    ECSA LPT

    Module 41: Data Leakage Penetration Testing

    Penetration Testing Roadmap

    Start Here

    Information Gathering

    Vulnerability Analysis

    External Penetration Testing

    Router and Switches Penetration Testing

    Firewall Penetration Testing

    Network Penetration Testing

    IDS Penetration Testing

    Wireless Network Penetration Testing

    Denial of Service Penetration Testing

    Password Cracking Penetration Testing

    Stolen Laptop, PDAs and Cell Phones Penetration Testing

    Social Engineering Penetration Testing

    Application Penetration Testing

    Contd

    EC-Council. Copyright by EC-Council

    All Rights reserved. Reproduction is strictly prohibited

    Penetration Testing Roadmap

    Contd

    Physical Security Penetration Testing

    Database Penetration Testing

    VoIP Penetration Testing

    Virus and Trojan Detection

    War Dialing

    VPN Penetration Testing

    Log Management Penetration Testing

    File Integrity Checking

    Bluetooth and Handheld Device Penetration Testing

    Telecommunication and Broadband Penetration Testing

    Email Security Penetration Testing

    Security Patches Penetration Testing

    Data Leakage Penetration Testing

    End Here

    Data Leakage

    Loss of private and sensitive data affects the financial condition of an organization, and damages its reputation.

    email.

    Data Leakage Statistics

    Source: http://www.networksunlimited.com

    How Much Security?

    Source: Infowatch, 2007

    How Data Can be Leaked

    Doors of data leakage:

    USB and other removable devices

    FTP ports

    Bluetooth

    Email attachments

    Memory slots

    Spyware and Trojans

    What to Protect

    Employee information such as names, addresses, social security numbers, and other identity-related information

    Marketing and new product plans

    Corporate strategies

    Target markets and prospect information

    Usual business methods

    Product designs, research, and costs

    Alliance and contract arrangements: delivery, pricing, and terms

    Staffing, operations, and wage/salary

    Credit records or credit union account information

    Trade secrets and intellectual property

    Steps for Data Leakage

    Step 1: Check physical availability of USB devices

    Step 2: Check whether USB drive is enabled

    Step 3: Try to enable USB

    Step 5: Check whether Bluetooth is enabled

    Step 6: Check if the firewire is enabled

    Step 7: Check if FTP ports 21, 22 are enabled

    Step 8: Check whether memory slot is available and enabled in systems

    Step 9: Check whether employees are using camera devices within restricted areas

    Step 10: Check whether systems have any camera driver installed

    Step 11: Check whether anti-spyware and anti-Trojans are enabled

    Step 12: Check whether encrypted data can be decrypted

    Step 13: Check if the internal hardware components are locked

    Step 14: Check whether mail and attachments size is restricted

    Step 1: Check Physical Availability of USB Devices

    USB devices are used for bulk data transfer.

    A system uses USB devices to transfer the data.

    Check the device manager to find the physical availability of USB devices.

    Step 2: Check Whether USB Drive is Enabled

    A USB drive is directly connected to the computer through a USB port and is used for data transfer.

    Check whether USB drive is enabled or disabled.

    Step 3: Try to Enable USB

    If the USB is disabled, try to enable the USB.

    If you are able to enable the device, it means that the user has admin privileges, which should not be the case for normal users.

    Step 4: Check Whether USB

    .

    is connected to the system.

    Step 5: Check Whether Bluetooth is Enabled

    -connectivity options.

    Check whether these connections are enabled.

    Try to enable such a connection.

    If you are able to enable the device, it means that the user has admin privileges, which should not be the case for normal users.

    Step 6: Check if the Firewire is Enabled

    Firewire is used to transfer data at a higher speed.

    Check whether firewire is enabled or not.

    Go to the DOS window and type ipconfig /all.

    Step 7: Check if FTP Ports 21 and 22 are Enabled

    Check whether FTP ports 21 and 22 are enabled or not.

    Check the firewall settings to see if the ports are blocked.

    Step 8: Check Whether any Memory Slot is Available and Enabled in Systems

    There are many memory slots present on the system such as RAM slots, SRAM slots, and virtual memory slots.

    Check for all available memory slots in the system.

    Use the slot manager, which creates a slot information record for each memory slot.

    Slot manager identifies all the memory resources and creates a slot resource table.

    Step 9: Check Whether Employees are Using Camera Devices within Restricted Areas

    Employees with camera devices can easily capture confidential data in their device.

    Illegal use of such devices in restricted/sensitive areas leads to data leakage.

    Step 10: Check Whether Systems have Any Camera Driver Installed

    Check whether the system has any camera driver installed.

    Go to My Computer > Properties > Hardware > Device Manager

    Step 11: Check Whether Anti-Spyware and Anti-Trojans are Enabled

    Check whether anti-spyware and anti-Trojans are enabled or not.

    Send malicious programs to the system and check whether the anti-spyware detects them or not.

    Step 12: Check Whether Encrypted Data Can be Decrypted

    The data encryption technique protects an organization's vital information against unauthorized users.

    information.

    Cryptanalysis tools:

    Jipher

    Crank

    Step 13: Check if the Internal Hardware Components are Locked

    such as LAN/WLAN and PCMCIA cards are locked or not.

    Step 14: Check Whether Size of Mail and Mail Attachments is Restricted

    Check the size limits for mails and mail attachments.

    For Microsoft Exchange Server, go to the mailbox properties mail flow settings tab and open the message size restriction dialog box to check the size of the transferred and received mail.

    Try to send an attachment that is larger than the defined limit.
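
A read-only way to script Steps 2, 5, 6, 7 and 10 on a Windows endpoint, as an added example that is not part of the original slides. The function names are hypothetical, and the USBSTOR service key and the PnP class names are standard Windows values assumed here rather than taken from the module. TCP 22 is the SSH/SFTP port rather than FTP, so both are reported separately.

```powershell
# Added example (not from the original slides): read-only checks for Steps 2, 5, 6, 7 and 10.
# Function names are hypothetical. Run from a PowerShell prompt on the endpoint being assessed.

function Get-UsbStorageState {
    # USBSTOR is the Windows USB mass-storage driver service; Start = 4 means it is disabled.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR'
    $svc = Get-ItemProperty -Path $key -Name Start -ErrorAction SilentlyContinue
    if (-not $svc)        { return 'USBSTOR service key not found' }
    if ($svc.Start -eq 4) { return 'Disabled' }
    return "Enabled (Start=$($svc.Start))"
}

function Get-LeakageDevice {
    # Present Bluetooth radios, IEEE 1394 (FireWire) controllers and camera/imaging devices.
    # Status 'OK' indicates an enabled, working device.
    Get-PnpDevice -PresentOnly -Class 'Bluetooth', '1394', 'Camera', 'Image' -ErrorAction SilentlyContinue |
        Select-Object Class, FriendlyName, Status
}

function Get-TransferListener {
    # Local services listening on TCP 21 (FTP control) or TCP 22 (SSH/SFTP).
    Get-NetTCPConnection -State Listen -LocalPort 21, 22 -ErrorAction SilentlyContinue |
        Select-Object LocalAddress, LocalPort, OwningProcess
}

function Get-OutboundBlockRule {
    # Enabled outbound block rules whose remote-port filter names 21 or 22 exactly.
    # Rules written as a range (for example 20-25) are not matched by this simple test.
    Get-NetFirewallRule -Direction Outbound -Action Block -Enabled True -ErrorAction SilentlyContinue |
        Where-Object { @(($_ | Get-NetFirewallPortFilter).RemotePort) -match '^(21|22)$' } |
        Select-Object DisplayName, Profile
}

'USB storage : ' + (Get-UsbStorageState)
Get-LeakageDevice     | Format-Table -AutoSize
Get-TransferListener  | Format-Table -AutoSize
Get-OutboundBlockRule | Format-Table -AutoSize
```

A "Disabled" USBSTOR result covers only the driver service; removable-storage restrictions applied through Group Policy are not read by this script.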

    Data Privacy and Protection Acts

    Gramm-Leach-Bliley

    Health Insurance Portability and Accountability Act

    Data Protection Tools

    VIP Privacy

    Safend Protector

    VISOCO Data Protection Master

    Reconnex's iGuard

    CryptEnCrypt

    Steganos Security Suite

    Data Protection Software

    Private InfoKeeper

    LockFolder

    QwikSecure File Protection System

    Summary

    Loss of private and sensitive data affects the financial condition and.

    Employee information such as names, addresses, and social security numbers must be protected.

    Doors of data leakage are USB, FTP ports, Bluetooth, email attachment, firewire, memory slots, spyware, and Trojans.

    Check physical availability of USB devices and try to enable them.

    Check whether Bluetooth, firewire, and FTP ports are enabled.

    Check whether anti-spyware and anti-Trojans are enabled.
