LPTv4 Module 40: Security Patches Penetration Testing

ECSA/LPT, EC-Council Module XL: Security Patches Penetration Testing

Upload: shanky-verma-soni

Post on 20-Feb-2016



Penetration Testing Roadmap

[Figure: roadmap flowchart. Start Here → Information Gathering → Vulnerability Analysis → External Penetration Testing, followed by boxes for Firewall, Router and Switches, Internal Network, IDS, Wireless Network, Denial of Service, Password Cracking, Social Engineering, Stolen Laptop/PDAs and Cell Phones, and Application Penetration Testing. Cont'd.]

EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited

Penetration Testing Roadmap (cont'd)

[Figure: roadmap flowchart, continued. Boxes for Physical Security, Database, VoIP, Virus and Trojan Detection, War Dialing, VPN, Log Management, File Integrity Checking, Bluetooth and Handheld Device, Telecommunication and Broadband Communication, Email Security, Security Patches, and Data Leakage Penetration Testing. End Here.]

Patch Management

It is a part of system management which involves acquiring, testing, and installing patches on an administered computer system.

Patch management tasks include:

• Maintaining current knowledge of the available patches.
• Deciding what patches are appropriate for the particular systems.
• Ensuring that patches are installed properly.
• Testing systems after installation.
• Documenting all associated procedures, such as specific configurations required.

Patch and Vulnerability Group (PVG)

PVG deals with vulnerability remediation efforts like OS, application patching, and configuration changes.

Responsibilities of PVG:

• Conduct testing of patches and non-patch remediation
• Create a database of remediation
• Distribute information related to vulnerability and remediation to the local administrators
• Configure automatic update of applications
• Monitor security sources for vulnerability announcements like patch and non-patch remediation

Penetration Testing Steps

1. Check if the organization has a PVG in place
2. Check whether the security environment is updated
3. Check whether the organization uses automated patch management tools
4. Check the last dates of patching
5. Check the patches on non-production systems
6. Check the vendor authentication mechanism
7. Check whether downloaded patches contain viruses
8. Check for dependency on new patches

Step 1: Check If the Organization Has a PVG in Place

Check whether the organization has a Patch and Vulnerability Group (PVG) team.

Step 2: Check Whether the Security Environment Is Updated

New types of vulnerabilities may arise with the installation of new patches.

These new patches may affect the security environment.

Try any malicious action on the system, and check whether the security environment such as firewall, antivirus, and security software tools are updated.

Step 3: Check Whether the Organization Uses Automated Patch Management Tools

Check whether organizations use automated patch management tools, such as ZENworks Patch Management and UpdateEXPERT.

Step 4: Check the Last Dates of Patching

Check whether the database is maintained for patching by PVG.

Check the last date when a patch was installed.

Step 5: Check the Patches on Non-Production Systems

Patches may contain malicious code that affects the system.

Before installing on the main system, check whether the patches and configuration modifications are tested on the non-production systems.

Step 6: Check the Vendor Authentication Mechanism

Check whether the downloaded patches are checked against any of the authentication methods.

The authentication method can be:

• Cryptographic checksums.
• Pretty Good Privacy (PGP) signatures.
• Digital certificates.
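A checksum check of the kind this step looks for, as an added example that is not part of the original slides: it verifies downloaded patch files against a vendor-published SHA-256 manifest in `sha256sum` format. The file names, payloads and manifest are constructed for the demo, and the result is only as trustworthy as the channel the manifest came from, which is what a PGP signature or certificate on the manifest provides.

```python
import hashlib
import re
import tempfile
from pathlib import Path

LINE = re.compile(r"([0-9a-fA-F]{64}) [ *](.+)")  # "<digest>  <name>" or "<digest> *<name>"

def parse_manifest(text):
    """Parse sha256sum-style lines into {filename: digest}; reject malformed lines."""
    entries = {}
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#"):
            continue
        m = LINE.fullmatch(line)
        if m is None:
            raise ValueError(f"malformed manifest line: {line!r}")
        entries[m.group(2)] = m.group(1).lower()
    return entries

def sha256_file(path, chunk_size=1 << 20):
    """Hash in chunks so a large patch bundle is never read into memory whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def verify_patch(path, manifest):
    """Return 'ok', 'mismatch', or 'unlisted' (no published digest: unverified)."""
    expected = manifest.get(Path(path).name)
    if expected is None:
        return "unlisted"
    return "ok" if sha256_file(path) == expected else "mismatch"

def demo():
    """Constructed sample: a genuine patch, an altered copy, an unlisted file."""
    files = {"patch-001.bin": b"vendor patch payload",
             "patch-002.bin": b"altered in transit",
             "patch-003.bin": b"no digest published"}
    manifest = parse_manifest(
        "# constructed manifest, not real vendor data\n"
        f"{hashlib.sha256(b'vendor patch payload').hexdigest()}  patch-001.bin\n"
        f"{hashlib.sha256(b'original patch 002').hexdigest()} *patch-002.bin\n")
    with tempfile.TemporaryDirectory() as d:
        for name, data in files.items():
            Path(d, name).write_bytes(data)
        return {n: verify_patch(Path(d, n), manifest) for n in files}

if __name__ == "__main__":
    print(demo())
```

During an assessment, an "unlisted" result is as much a finding as a "mismatch": it means a patch was accepted with nothing to authenticate it against.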

Step 7: Check Whether Downloaded Patches Contain Viruses

Try to download any malicious or virus patch on the system.

Run an anti-virus tool over the downloaded virus patch and check whether the anti-virus detects the virus or not.

Check whether the virus signature database or anti-virus program is up to date.

Step 8: Check for Dependency of New Patches

Check whether there is dependency between the patches if installed sequentially.

Check whether installing a new patch inadvertently uninstalls or disables another patch.

Security Checklist for Patch Management

• Organizations should create a patch and vulnerability group (PVG).
• Organizations should use automated patch management tools.
• Download the patches from the home site of the product.
• Scan the patches for viruses.

Patch Management Tools

Altiris Patch Management Solution
ANSA
BigFix Patch Manager
BindView Patch Management
C5 Enterprise Vulnerability Management Suite
Ecora Patch Manager
eTrust Vulnerability Manager
GFI LANguard Network Security Scanner
Hercules
HFNetChkPro
HP OpenView Patch Manager using Radia
LiveState Patch Manager
ManageSoft Security Patch Management
Marimba Patch Management
NetIQ Vulnerability Manager
Opsware Server Automation System
PatchLink Update
PolicyMaker Software Update
Prism Patch Manager
SecureCentral PatchQuest
Security Update Manager
Systems Management Server
SysUpdate
UpdateEXPERT
Windows Server Update Services
ZENworks Patch Management
LANDesk Patch Manager
Service Pack Manager
Sitekeeper (Patchkeeper module)
Software Update Services
Kaseya Patch Management

Summary

Patch management is a part of system management which involves acquiring, testing, and installing patches on an administered computer system.

New types of vulnerabilities arise with the installation of the latest patches.

Organizations should create a patch and vulnerability group (PVG).