Desktop and Server Os Vulnerabilities – Chapter 8

This chapter speaks to Vulnerabilities in Windows and Linux operating systems. As a security tester it is vital to be able to identify potential security problems and correct such weaknesses. A good website for determining vulnerabilities for any operating system is www.cve.mitre.org. This site can also be used to test a Windows computer and make sure it has current updates as well as patches. The following areas are potential locations for a security breach:

• Windows file Systems
• File Allocation Table
• NTFS (New Technology File Systems)
• Remote Procedure Call
• NetBios
• Server Message Block
• Common Internet File System
• Null Sessions
• Web Services
• SQL Server
• Buffer Overflows
• Passwords and Authentication

Some tools to help find vulnerabilities are eEye Retina, Tenable Nessus, QualysGuard, GFI Languard, and IBM Internet Scanner and OpenVas. All these scanners can be used on both Linux and Windows operating systems.

However built into Windows is MBSA (Microsoft Baseline Security Analyzer) which has the capabilities of checking for patches, security updates, service packs, and hotfixs. It can also address the concern right away.

The following list is ways to help make your computer more secure:
• Patching Systems
• Antivirus Solutions
• Enable Logging and Review Logs Regularly
• Disable Unused and Filtering Ports

The chapter continues with Linux operating system vulnerabilities and tools to identify these issues. There are several Lab activities throughout the chapter which give you some hands on experience.

Programming for Security Professionals – Chapter 7

This chapter is an introduction into programming for the Security Professional. It is an overview of C, HTML, and Perl programing. It began with some basics about Branching, Looping, and Testing. Branching takes you from one area of a program to another area. Looping is the act of performing a task over and over. The loop usually completes after testing is conducted on a variable and returns a value of true or false.

The most popular programming language is C. When writing an algorithm it is critical to have clear program code documentation. The text has several different charts giving descriptions of each of the following topics Compilers, Characters, Variable types, Specifiers, and Operators. Security Professionals should have a basic understanding of Peril and c because many security tools are written in these languages. With this knowledge a Security Professional could modify the security tools and construct their own customized program.

The chapter concludes with reviewing Object-Oriented Programing Concepts along with an overview of Ruby. Again there are some charts listing the functions and their descriptions. Overall the chapter provided some insights on the fundamentals of programing and it was not overwhelming.

Enumeration – Chapter 6

Enumeration is all about taking port scanning to the next level. In this chapter we learned some basics about various Operating Systems and the tools for enumerating them. In this chapter we were introduced to use the NBTscan tool and the enumerating window operating systems. The chart below describes the Windows Operating Systems.

The Network Basic Input Output System (NetBIOS) is a windows programing interface that allows computers to communicate across a local area network. The Network Basic Input Output System is important to understand because hackers often exert more effort to attach computers identified as domain controllers because these systems store more data.  The chapter goes on to explain NetBIOS Null sessions and enumeration tools. It goes on further to talk about such tools as DumpSec, Nessus, OpenVas, and Hyena.

The text goes into a brief overview of the Netware Operating System highlighting the key points from each of the five listed below.

  

The chapter closes with enumerating *nix Operating Systems and UNIX enumeration.