Thursday, October 16, 2008

Review: SANS Pen Test Webcast Part 1

Yesterday was the SANS Webcast on "Combining Network, Web App and Wireless into the Ultimate Penetration Test." I had registered to catch it live, but my lunch break disappeared under a pile of deadlines. Today I was able to catch the archive of the presentation.



The focus of the webcast was, as the title describes, using combined methods and attack vectors during a penetration test. Sometimes, depending on the client requirements, a pen test will be requested but with a very limited scope. For example, they might only want their wireless network tested, or a public-facing web application. Usually, due to either lack of interest or cost, some companies will not get the full Monty. I think this is bad because the results provided from the pen test are only part of the picture. I think that if a business is going to have a pen test conducted, it should cover all the potential attack vectors. Otherwise a business might have a false sense of security.



The example used in the webcast was using an open wireless connection, which a business might use for guest Internet access, to gain access to the business's network. It starts with using various wireless attack methods to discover and attack clients on the network. By intercepting employee Internet traffic over the wireless network, they inject an exploit and use BeEF to escalate access and bind a reverse shell to the client to gain access to the business's internal network. Once they have access to the business's network, they start to scan the network, compromise services and exploit clients on the network.

This was only part 1 of a 3-part series. Part 2 is said to be released in the middle of next month. My first impression is that it's a good series, and I am looking forward to the others. We have so many specialists in security; I see it all the time in my classes. I have students that just do "Windows" or just do "Linux" or just do "Networking." That is great, and they discuss that in the webcast: we need people that know each of these technologies cold, but as they say in the webcast, do you want to pigeonhole yourself?

I have always tried to keep a balance when it comes to my skills. Now, due to my 13+ years of experience, I am viewed mostly as a System and Network "type" of IT Professional. But I have also over the years learned and worked with programming from Assembly to Java, and even done Web App development from Perl/CGI to PHP, and even Wireless networking.

What it all comes down to is that nobody can know it all, but personally I think we should all know what is possible and understand our skills and limits. Collaboration is another key component. I think that is why there is such a huge network of Ethical Hackers and Penetration Testers out there, all willing to share what they know and exchange knowledge so freely.

If you're interested in Pen Testing and have the time, I would suggest checking Part 1 of the series. When you're done, please post a comment and let me know what you thought about it.