Upload
shanky-verma-soni
View
224
Download
1
Embed Size (px)
Citation preview
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
1/29
ECSA LPT
- o u eData Leakage Penetration
es ng
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
2/29
Penetration Testing Roadmap
Start HereInformation Vulnerability External
Gathering Analysis Penetration Testing
Router andrewa
Penetration Testing
Switches
Penetration Testing
Network
Penetration Testing
IDS
Penetration Testing
Wireless
Network
Penetration Testing
Denial of
Service
Penetration Testing
Password
CrackingStolen Laptop, PDAs
and Cell Phones
Social
EngineeringApplication
Contd
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
Penetration TestingPenetration Testing
Penetration TestingPenetration Testing
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
3/29
Penetration Testing Roadmap
Contd
Physical Database VoIP
ecur ty
Penetration Testing
enetrat on test ng enetrat on est ng
rus an
Trojan
Detection
War Dialing VPN
Penetration Testing
Log
Management
Penetration Testing
File Integrity
Checking
Blue Tooth and
Hand held
Device
Penetration Testing
Telecommunication
And BroadbandEmail Security
Penetration Testing
Security
PatchesData Leakage
End Here
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
Penetration TestingPenetration Testing
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
4/29
Data Leakage
Loss of private and sensitive data affects the financial
condition of an organization, and damages its reputation.
email.
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
5/29
Data Leakage Statistics
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
Source: http://www.networksunlimited.com
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
6/29
How Much Security?
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
Source: Infowatch, 2007
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
7/29
How Data Can be Leaked
Doors of data leakage:
USB and other removable devices
FTP ports
Bluetooth
Email attachments
Memory slots
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
Spyware and Trojans
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
8/29
What to Protect
Employees information such as names, addresses, social security numbers, and other identity-relatedinformation
Marketing and new product plans
Corporate strategies
Target markets and prospect information
Usual business methods
ro uc es gns, researc , an cos s
Alliance and contract arrangements: delivery, pricing, and terms
Staffing, operations, and wage/salary
Credit records or credit union account information
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
Trade secrets and intellectual property
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
9/29
Steps for Data Leakage
Step 1: Check physical availability of USB devices
Step 2: Check whether USB drive is enabled
Step 3: Try to enable USB
Step 5: Check whether Bluetooth is enabled
Step 6: Check if the firewire is enabled
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 7: Check if FTP ports 21,22 are enabled
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
10/29
Steps for Data Leakage
Step 8: Check whether memory slot is available and enabled in systems
Step 9: Check whether employees are using camera devices withinrestricted areas
Step 10: Check whether systems have any camera driver installed
- -
Step 12: Check whether encrypted data can be decrypted
Step 13: Check if the internal hardware components are locked
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 14: Check whether mail and attachments size is restricted
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
11/29
Step 1: Check Physical
USB devices are used for bulk data transfer.
A system uses USB devices to transfer the data.
Check the device manager to find the physical availability of USBdevices.
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
12/29
Step 2: Check Whether USB
A USB drive is directly connected to the computer through USB port and is usedfor data transfer.
Check whether USB drive is enabled or disabled.
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
13/29
Step 3: Try to Enable USB
If the USB is disabled, try to enable the USB.
If you are able to enable the device, it means that the user has adminprivileges, which should not be the case for normal users.
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
14/29
Step 4: Check Whether USB
.
is connected to the system.
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
15/29
Step 5: Check Whether Bluetooth
-connectivity options.
Check whether these connections areenabled.
Try to enable such connection.
If you are able to enable the device, itmeans that the user has admin
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
,for normal users.
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
16/29
Step 6: Check if the Firewire is
Firewire is used to transfer data at ag er spee .
.
.
Check whether firewire is enabled
or not.
Go to the DOS window and type
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
ipconfig/all.
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
17/29
Step 7: Check if FTP Ports 21 and
Check whether FTP ports 21 and 22 are enabled or not.
Check the firewall settings to see if the ports are blocked.
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
18/29
Step 8: Check Whether any Memory Slot is
Available and Enabled in S stems
There are man memor slots resent on the s stem such as RAM slotsSRAM slots, and virtual memory slots.
Check for all available memory slot in the system.
Use the slot manager which creates slot information record for eachmemory slot.
Slot manager identifies all the memory resources and creates a slotresource table.
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
19/29
Step 9: Check Whether Employees areUsing Camera Devices within Restricted
Employees with camera devices can easily capture confidential data intheir device.
Illegal use of such devices in restricted/sensitive areas leads to dataleakage.
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
20/29
Step 10: Check Whether Systems have
An Camera Driver Installed
Check whether the s stem hasany camera driver installed. Theimagecannotbedisplayed.Your computer may nothaveenough memory to open theimage,or theimagemay havebeen corrupted.Restartyour computer,and then open thefileagain.Ifthered x stillappears,you may haveto deletetheimageand then insertitagain.
Go to My ComputerPropertiesHardwareDevice Manager
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
21/29
Step 11: Check Whether Anti-Spyware and Anti-Trojans are
na e
Check whether anti-s ware and anti-Tro ans are enabledor not.
Sen ma icious programs to t e system an c ec w et erthese anti-spyware detects it or not.
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
22/29
Step 12: Check Whether Encrypted
Data Can be Decr ted
Data encryption technique protects organizations vitalinformation against unauthorized users.
information.
Cryptanalysis tools:
Jipher
Crank
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
23/29
Step 13: Check if the Internal
Hardware Com onents are Locked
such as LAN/WLAN and PCMCIA cards arelocked or not.
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
24/29
Step 14: Check Whether Size of Mail
and Mail Attachments is Restricted
Check the size limits for mails and mail attachments.
For Microsoft Exchange Server, Go to the mailbox properties
mail flow setting tab and open the message size restrictiona og ox o c ec e s ze o e rans erre an rece ve ma .
ry o sen e a ac men av ng more s ze an e e nelimit.
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
25/29
Data Privacy and Protection Acts
Gramm-Leach-Blile
Health Insurance Portability and Accountability Act
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
26/29
Data Protection Tools
VIP Privacy
Safend Protector
VISOCO Data Protection Master
Reconnex's iGuard
CryptEnCrypt
Ste anos Securit Suite
Data Protection Software
Private InfoKeeper
LockFolderQwikSecure File ProtectionSystem
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
27/29
Summary
Loss of private and sensitive data affects the financial condition and.
Employees information such as names, addresses, and social securitynumbers must be rotected.
Doors of data leakage are USB, FTP ports, Bluetooth, email attachment,
firewire, memory slots, spyware, and Trojans.
Check physical availability of USB devices and try to enable them.
Check whether Bluetooth, firewire, and FTP ports are enabled.
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
Check whether anti-spyware and anti-Trojans are enabled.
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
28/29
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited
7/24/2019 LPTv4 Module 41 Data Leakage Penetration Testing
29/29
EC-CouncilCopyright byEC-Council
All Rights reserved. Reproduction is strictly prohibited