Over the last two weeks, I learned about the steps it takes to perform penetration testing against a target user or server. First is the reconnaissance step, which is often neglected because some people think it is not that important, but logically it is one of the most important: this is the step in which you are thorough about the identity of the person, organization or server, so that no time and effort is wasted on penetrating other entities that have nothing to do with your target. The second is mapping, in which the attacker maps the entire network to best understand how data flows from one web page to another and to see where they are connected. The third is discovery, in which the attacker exploits the vulnerabilities that the network possesses. The fourth is exploitation, wherein the attacker launches attacks against vulnerable parts of the web server to obtain the data or information the attacker wants. And if necessary, the attacker just repeats the steps all over again to launch another attack.
To understand first hand how it works, we had an exercise in which we performed all these steps against the given websites. All went well, and I understood a lot more from it than I would have thought. The only thing that worries me is that some applications that are necessary to perform thorough attacks or penetration tests require payment to use.
Sunday, July 17, 2016
Sunday, July 3, 2016
Learning Log 2:
Last week, I learned about different types of authentication: client-side authentication, Basic authentication, Digest authentication, IWA authentication, forms-based authentication, and OAuth authentication. I understood that it is important to know what type of authentication a website uses because from there we can deduce what type of security or encryption it applies to the data being transmitted to it, and from that we can understand what type of penetration testing it is vulnerable to. I understood it better when we did an exercise two weeks ago, and it was fun trying to decrypt the username and password on a website that has Basic authentication and Digest authentication, because they use simple encryption types, namely Base64 and MD5 hashing.
This week I learned more about the different types of session management, and that developers should focus more on handling server-side security than client-side security, because the server side has more security to offer than the client side: take, for instance, web certificates and the additional layer of encryption provided by HTTPS compared to HTTP. Moreover, session management is a way for websites to keep their session IDs secure, because if an attacker manages to track down a session ID, it is easy for that attacker to impersonate someone else and access information from the website using that person's session ID. We also discussed the different types of pen-testing tools, which guided us through our exercise as well.
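As an added example (editor's code, not part of the original post or the course material), here is how a server handles the two schemes mentioned above in Python: it decodes a Basic `Authorization` header, which shows that Base64 is a reversible encoding anyone on the wire can undo, and it verifies a Digest header by recomputing the MD5-based response (RFC 2617, no `qop`) from the stored password. The user list, realm and nonce are constructed sample values.

```python
import base64
import hashlib
import hmac
import re
from typing import Callable, Optional, Tuple

# Constructed sample credentials and realm for the demo (not from any real system).
USERS = {"alice": "s3cret"}
REALM = "demo-realm"


def parse_basic(header: str) -> Optional[Tuple[str, str]]:
    """Decode an HTTP Basic Authorization header (RFC 7617).

    Base64 is an encoding, not encryption: whoever can read the header can
    recover the username and password, so Basic auth needs HTTPS underneath.
    """
    scheme, _, blob = header.partition(" ")
    if scheme.lower() != "basic" or not blob:
        return None
    try:
        decoded = base64.b64decode(blob, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None
    user, sep, password = decoded.partition(":")  # password may itself contain ':'
    return (user, password) if sep else None


def make_basic_header(user: str, password: str) -> str:
    """Build the header a client would send (used here to show the round trip)."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()


def _md5(text: str) -> str:
    return hashlib.md5(text.encode()).hexdigest()


def digest_response(user: str, realm: str, password: str,
                    method: str, uri: str, nonce: str) -> str:
    """RFC 2617 Digest response without qop: MD5(HA1:nonce:HA2).

    HA1 = MD5(user:realm:password), HA2 = MD5(method:uri). The password never
    travels, but MD5 is fast, so a captured response is still offline-guessable.
    """
    ha1 = _md5(f"{user}:{realm}:{password}")
    ha2 = _md5(f"{method}:{uri}")
    return _md5(f"{ha1}:{nonce}:{ha2}")


def make_digest_header(user: str, password: str, method: str, uri: str,
                       nonce: str, realm: str = REALM) -> str:
    """Build the client-side Digest header for the demo."""
    resp = digest_response(user, realm, password, method, uri, nonce)
    return (f'Digest username="{user}", realm="{realm}", nonce="{nonce}", '
            f'uri="{uri}", response="{resp}"')


# Only quoted key="value" pairs are parsed; that covers every field used here.
_FIELD = re.compile(r'(\w+)="([^"]*)"')


def verify_digest(header: str, method: str,
                  lookup: Callable[[str], Optional[str]]) -> bool:
    """Server-side check: recompute the response from the stored password.

    A real server must also confirm that `nonce` is one it issued recently,
    otherwise a captured header can simply be replayed; that bookkeeping is
    left out of this constructed example.
    """
    scheme, _, params = header.partition(" ")
    if scheme.lower() != "digest":
        return False
    fields = dict(_FIELD.findall(params))
    try:
        user, realm, nonce, uri, resp = (
            fields[k] for k in ("username", "realm", "nonce", "uri", "response"))
    except KeyError:
        return False
    password = lookup(user)
    if password is None or realm != REALM:
        return False
    expected = digest_response(user, realm, password, method, uri, nonce)
    # Constant-time comparison so response checking does not leak timing.
    return hmac.compare_digest(expected, resp)


if __name__ == "__main__":
    print(parse_basic("Basic YWxpY2U6czNjcmV0"))
    hdr = make_digest_header("alice", "s3cret", "GET", "/dir/index.html",
                             "dcd98b7102dd2f0e8b11d0f600bfb0c093")  # constructed nonce
    print(verify_digest(hdr, "GET", USERS.get), verify_digest(hdr, "POST", USERS.get))
```

The `method` and `uri` are part of HA2, which is why the same header is rejected when replayed against a different method: the response is bound to the request it was computed for, not just to the password.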
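As an added example (editor's code, not from the original post), here is a minimal server-side session store in Python showing the points above: the cookie carries only an opaque random ID, the ID is rotated after login so a pre-set ID cannot be reused, idle sessions expire, and the `Set-Cookie` attributes (`Secure`, `HttpOnly`, `SameSite`) limit how a session ID can leak. The cookie name, timeout and clock are constructed assumptions.

```python
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional

SESSION_TTL = 15 * 60   # assumed idle timeout in seconds
COOKIE_NAME = "sid"     # assumed cookie name


@dataclass
class Session:
    user: str
    expires_at: float


class SessionStore:
    """Server-side session state keyed by an opaque random ID.

    Nothing about the user lives in the cookie, so editing it gains nothing.
    What remains is theft of a valid ID, which short lifetimes, rotation and
    the cookie attributes below are there to limit.
    """

    def __init__(self, now: Callable[[], float] = time.time) -> None:
        self._now = now                      # injectable clock for testing
        self._sessions: Dict[str, Session] = {}

    def create(self, user: str) -> str:
        sid = secrets.token_urlsafe(32)      # 256 bits of CSPRNG entropy: not guessable
        self._sessions[sid] = Session(user, self._now() + SESSION_TTL)
        return sid

    def lookup(self, sid: Optional[str]) -> Optional[str]:
        """Return the user for a valid, unexpired ID; otherwise None."""
        session = self._sessions.get(sid) if sid else None
        if session is None:
            return None
        if self._now() >= session.expires_at:
            del self._sessions[sid]          # expired: drop it so it can never be revived
            return None
        session.expires_at = self._now() + SESSION_TTL   # sliding idle timeout
        return session.user

    def rotate(self, old_sid: str) -> Optional[str]:
        """Issue a fresh ID after login or privilege change (defeats session fixation)."""
        user = self.lookup(old_sid)
        if user is None:
            return None
        del self._sessions[old_sid]
        return self.create(user)

    def destroy(self, sid: str) -> None:
        """Logout: invalidate server-side, not just by clearing the cookie."""
        self._sessions.pop(sid, None)


def set_cookie_header(sid: str) -> str:
    """Secure: sent only over HTTPS. HttpOnly: unreadable by page scripts.
    SameSite=Lax: not attached to cross-site POST requests."""
    return (f"Set-Cookie: {COOKIE_NAME}={sid}; Path=/; Max-Age={SESSION_TTL}; "
            "Secure; HttpOnly; SameSite=Lax")


def session_from_cookie(cookie_header: str) -> Optional[str]:
    """Pull the session ID out of a Cookie request header (simple parser)."""
    for part in cookie_header.split(";"):
        name, _, value = part.strip().partition("=")
        if name == COOKIE_NAME and value:
            return value
    return None


if __name__ == "__main__":
    store = SessionStore()
    sid = store.create("alice")
    print(set_cookie_header(sid))
    print(store.lookup(session_from_cookie(f"theme=dark; {COOKIE_NAME}={sid}")))
    print(store.lookup("not-issued-by-server"))
```

`lookup` is the only path from cookie to user, so an ID the server never issued, one that has expired, or one that was rotated away all resolve to nothing; that is the property that makes guessing or replaying old IDs fruitless.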
Saturday, June 18, 2016
Learning Log 1:
These past few weeks have been an introduction to different types of security testing and to tools used to attack a website or defend it from threats. I also learned about the different types of status codes that we often see in a web browser or web page, such as error 404, and that the codes are divided into five classes: 1xx, which is informational; 2xx, which indicates a successful response from the server; 3xx, which indicates redirection to a particular entity or service; 4xx, which indicates a client error; and lastly 5xx, which indicates a server error. Moreover, each class is further subdivided into codes that give more specific details about the status.
A few of the other things I learned over the weeks are the different types of methods that can be used through HTML. Also, through our research for the assigned homework on the topic my group is to cover throughout the semester, I learned that Web Application Firewall and Control is being implemented as a requirement set by an elite organization, and that it provides more targeted security across the 7 layers of OSI, but the downside of this requirement is that it can't really do much at the moment because the security is not that strong, since threats are developing as fast as the ways of building websites are evolving.