Running Head: CSOL 570 - FINAL PROJECT

Jesus Raya (Jesse)

CSOL 570 - Final Project

CSOL 570

March 1, 2020

MODULE 7 TASK:

In this module you will be submitting your final project. This project requires the compilation of each of the individual trade studies and configuration documentation from the previous modules into a comprehensive report detailing the capabilities and configurations of the virtualized security platform that you have created in your virtualized lab environment.

Your final report should specifically include the following sections:

1. Trade studies - describing each of the trade studies you completed during the course and the results of each study.

2. Virtualized test lab architecture - describing each Virtual Machine (VM), the network connectivity for each VM (e.g., IP addresses/networks) and the role that each VM plays in your test lab.

3. Your security toolkit - describing the role that each unique security tool (e.g., , etc) plays in your test lab. This can be a simple table that inventories each tool you have made use of from the Kali install as well as any additional tools you have installed and used throughout the course.

4. Surveillance and reconnaissance processes - detailing the commands you have used to perform the following actions:

• Scan a network to determine the operating systems installed on hosts

• Perform a dictionary attack against a host’s SSH service

• Launch an exploit payload against a vulnerable web service

• Identify the ports listening on a host

• Eavesdrop on communications between two hosts

• Identify the SSID of an active wireless network

5. Lessons learned and final thoughts - Detailing what you’ve learned from the labs and how you will use what you’ve learned in your role(s) moving forward.


Objective:

The objective of this work is to demonstrate how the studies learned at the University of San Diego in Network Visual Vulnerabilities have provided students with a general understanding of network visualization and the possible vulnerabilities organizations face on a day-to-day basis. The report will discuss the different tools used to execute each assignment throughout the academic term for CSOL 570, with a summary of each assignment and the role the tools served in the completion of each task. Although several tools are seemingly similar, each serves its purpose and has its pros and cons. To understand the breadth of cybersecurity, it is essential to know how network vulnerabilities paint a bigger picture in exploiting organizations' security posture. The course's learning outcomes for CSOL 570 are to:

Identify threats to today’s networks, assess how to employ security protocols and cryptography to secure a network, identify appropriate security tools to safeguard systems, explain the value of visualizing a system, and create an effective monitoring plan that can be implemented within an organization (USD).

In conclusion, this work presents the testing tools that I, as a student, have determined to be useful as part of my testing toolkit for network vulnerabilities.

Virtualized Test Lab Architecture

Using penetration testing tools to test a network for vulnerabilities requires special tools and software to execute each task. For the assignments described in this work, a Virtual Machine was used to run the by Offensive Security. The Virtual Machine (VM) is the shell that can run operating systems that are loaded onto it; however, the use of a VM can sometimes be a little shaky. The specific VM we used for this assignment is the one provided by Oracle. When using a virtual machine to test network vulnerabilities, it is essential to create a “sandboxed” environment or “air-gapped” environment to prevent your actual physical device from being exposed to real vulnerabilities.

Trade Studies

The following trade studies were conducted to educate students on network visualization and vulnerabilities. They include surveillance and reconnaissance processes, detailing the commands that I, as a student, used to perform the actions necessary to complete each task:

Understanding the Threats to Network Security:

“Understanding the Threats to Network Security” taught me the value behind properly establishing a safe penetration testing environment. What stood out to me the most, aside from the excitement of using hacker tools to understand how they work and to better assist with blocking adversaries from gaining unauthorized access into a private network, was the comparison we had to make between the different tools to determine the pros and cons of each tool. Cost is a massive issue for most companies, so if we can present a reputable argument in a presentation that is easy for stakeholders to understand, the chances of us making a change in our organization are much higher, as it is our responsibility to bridge the gap from IT to non-IT professionals.

Protecting the Perimeter, Data and Avoiding DoS:

Module three relied heavily on the use of Wireshark. Wireshark is a useful tool in a security engineer’s toolbox because it offers the ability to watch traffic traveling through a network in a way that is easy to understand. The packets of information can be traced, and you can pick information out of some packets of data. As a cliché example, using public free Wi-Fi at a coffee shop is typically not the smartest thing to do because open networks are usually not secure. When a system is not secure, packets of information can contain usernames and passwords to sensitive information such as bank accounts and credit card information.

It is important to note that the process of getting other people’s information with the use of Wireshark is illegal because it is considered hacking, which is regarded as a terrorist offense; the law defines hacking as any unauthorized access to data. With that said, it is essential to stick to ethical guidelines when utilizing tools like Wireshark outside of the scope of security testing.

The use of Wireshark can also show an engineer vulnerabilities within the network that need to be corrected to prevent unauthorized access by adversaries to sensitive information.

Vulnerability Detection and Continuous Monitoring:

Module four relied on the comparison of Nessus vs. . It is important to consider that there are several vulnerability scanners on the internet. However, not all vulnerability scanners work the same. The focus of some tools is to report network vulnerabilities, while others provide an array of features. With that said, it is important for organizations to use software that best fits their needs. Websites like the Common Vulnerability Database allow organizations to stay on top of current malicious code, which may or may not pertain to them directly. Network scanning tools do not all work the same, so when utilizing a tool it is important to understand its full potential.

Exploiting Vulnerable Systems:

To conclude, this module was completed with the use of Metasploit. With Metasploit, users can exploit servers and identify vulnerabilities within their network. When trying to attack a server, one of the things you need to do is gather information about the server. For a beginner, I would advise utilizing Zenmap once you obtain the server's IP address because it is an easy-to-use tool readily available in Parrot OS which shows what ports are open and what services are running. You can also use the Nmap command line and utilize the command “root@kali:~# nmap -T4 -A -v 192.168.#.###”, and it should show you a list of open ports. Without getting into too much detail, Metasploit is a great tool for ethical hackers. Metasploit is a tool designed to be vulnerable which allows users to test their own skills in penetration testing to execute commands on a server.

Intro to IoT – Securing Wireless Devices and Transmissions

Module six required students to step outside of the box and use additional hardware, in addition to already available tools, to scan for network vulnerabilities, which can ultimately assist with securing wireless devices and transmissions. This module relied on the use of Kismet. The overall objective for the Kismet study is for students at The University of San Diego to get acclimated with the packet sniffing tool available in Kali Linux on an 802.11 network with the use of a Wi-Fi adapter. The wireless adapter helped scan the network for packet information in the Kismet web UI. In conclusion, I found Kismet to be very similar to Wireshark, but the web-based UI provides more detailed information in a format that’s easier to understand, whereas Wireshark can be hard to understand for the average user.

Security Tool Kit

As stated, the tools used to complete each module this term were: Metasploit, OpenVAS, Nessus Essentials, Wireshark, Kismet, Nmap. I personally prefer to use the following tools because they were dynamically easier to understand in nature: Nessus Essentials and OpenVAS. What I liked the most about Nessus is the overall look of the program, because it appears to be an upgraded version of OpenVAS. OpenVAS is also simple to understand in nature on the front end. Ultimately, with both applications you just have to click on a few buttons to run simple commands and it will generate results for you. The following is a list of the tools, with the category, a summary of tool functionality and an example of use cases for each.

Tool Name: Metasploit

Tool Category: Exploitation Tool

Summary of Functionality:

Metasploit is a penetration testing tool used by many to test a network for vulnerabilities. The Metasploit framework "has become the go-to exploit development and mitigation tool. Prior to Metasploit, pen testers had to perform all probes manually by using a variety of tools that may or may not have supported the platform they were testing, writing their own code by hand, and introducing it onto networks manually" (Petters, J.). It is a technology built to make network testing more simplified. The software is popular with hackers and widely available, which reinforces the need for security professionals to become familiar with the framework even if they don’t use it.

Case Examples: Testing for network vulnerabilities.

Tool Name: OpenVAS

Tool Category: Vulnerability Analysis

Summary of Functionality:

Similar to other network vulnerability scanners, “OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low-level Internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test” (OpenVAS).

Case Examples: Testing for network vulnerabilities.

Tool Name: Nessus Essentials

Tool Category: Vulnerability Analysis

Summary of Functionality:

Similar to OpenVAS. One of the major things to highlight during this trade study is that Nessus used to be free up until 2005 and then became closed source, which offers a free trial and has a hefty price tag of $2000 plus. OpenVAS is free and available to download on .org and it only relies on network vulnerability tests. It’s important to consider that OpenVAS was created from the inspiration of the last free version of Nessus.

Case Examples: Discover vulnerabilities, the originating port and additional details of the health of a network.

Tool Name: Wireshark

Tool Category: Information Gathering

Summary of Functionality:

“Wireshark, a network analysis tool formerly known as Ethereal, captures packets in real time and displays them in human-readable format. Wireshark includes filters, color coding, and other features that let you dig deep into network traffic and inspect individual packets” (C. Hoffman). One fun thing to consider is that with some packets of data transmissions it is possible to capture usernames and passwords of users on the network.

Case Examples: Review encrypted or non-encrypted packets of data across a network.

Tool Name: Kismet

Tool Category: Wireless Attack

Summary of Functionality:

Kismet is an 802.11 layer-2 wireless network detector, sniffer, and intrusion detection system. Note: if utilizing a virtual machine, you will need to use a Wi-Fi adapter in order to obtain the results you need.

Case Examples: Detect wireless networks, capture and analyze network traffic in real time, detect system intrusion.

Tool Name: Nmap

Tool Category: Vulnerability Analysis

Summary of Functionality:

Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. Nmap is a fantastic tool; however, it is very noisy, and firewalls and standard security tools can typically detect when a scan is being performed. The trick is scanning the network much more quietly with the use of Nmap.

Case Examples: Discover networks and their vulnerabilities, edit security features.
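The Nmap entry above notes that firewalls and security tools can detect a scan in progress. The following Python sketch is an added example, not part of the original report: it flags sources that probe many distinct TCP ports on one host within a time window. The log layout, the addresses (documentation range 192.0.2.0/24), the function names and the thresholds are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log layout (constructed for this example, iptables-LOG-like fields).
LINE_RE = re.compile(r"^(?P<ts>\S+) .*?SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
                     r".*?PROTO=TCP .*?DPT=(?P<dpt>\d+)")

def detect_scanners(lines, min_ports=10, window=timedelta(seconds=5)):
    """Map each source IP to the most distinct TCP ports it probed on a
    single destination inside `window`, keeping sources >= min_ports."""
    recent = defaultdict(deque)  # (src, dst) -> (timestamp, port) pairs
    flagged = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # non-TCP or malformed line
        ts = datetime.fromisoformat(m["ts"])
        q = recent[(m["src"], m["dst"])]
        q.append((ts, int(m["dpt"])))
        while ts - q[0][0] > window:  # expire probes older than the window
            q.popleft()
        distinct = len({port for _, port in q})
        if distinct >= min_ports:
            flagged[m["src"]] = max(flagged.get(m["src"], 0), distinct)
    return flagged

def build_sample_log():
    """Constructed sample: a fast sweep, a slow sweep and a normal client."""
    base = datetime(2020, 3, 1, 10, 0, 0)
    fmt = "{} kernel: FW SRC={} DST=192.0.2.50 PROTO=TCP SPT=40000 DPT={} SYN"
    lines = []
    for i in range(20):   # 20 ports in about 2 seconds
        lines.append(fmt.format((base + timedelta(milliseconds=100 * i)).isoformat(),
                                "192.0.2.10", 20 + i))
    for i in range(12):   # 12 ports, one every 30 seconds
        lines.append(fmt.format((base + timedelta(seconds=30 * i)).isoformat(),
                                "192.0.2.30", 8000 + i))
    for i in range(30):   # ordinary client, always port 443
        lines.append(fmt.format((base + timedelta(seconds=i)).isoformat(),
                                "192.0.2.20", 443))
    return lines

if __name__ == "__main__":
    log = build_sample_log()
    print(detect_scanners(log))                                # short window
    print(detect_scanners(log, window=timedelta(minutes=10)))  # long window
```

With the default 5-second window only the fast sweep is flagged; widening the window also surfaces the slower source, at the cost of holding more state per source and destination pair.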


Lessons Learned / Final Thoughts

In conclusion, in CSOL 570 this term I learned how to detect network vulnerabilities through the use of special tools. I plan to use what I have learned in this course in my current role moving forward by means of strategy. Granted, using applications like the ones in this assignment is frowned upon by my organization, but I can utilize the techniques for each tool and implement them into my organization's testing methods for vulnerabilities, whether that is on the machine side or the human side for vulnerabilities. It is important to educate machine end users of the associated risk if data is utilized in a way that could compromise an organization's integrity and security rules. More specifically, in my current role at the Department of Defense I work at a data center, which requires the due diligence of each user who has access to the information on the servers to protect their computers, emails, and role-based knowledge to prevent unauthorized disclosure of data in our servers.


References

Hoffman, C. (2017, June 14). How to Use Wireshark to Capture, Filter and Inspect Packets. How-To Geek. https://www.howtogeek.com/104278/how-to-use-wireshark-to-capture-filter-and-inspect-packets/

OpenVAS. (n.d.). About. OpenVAS - Open Vulnerability Assessment Scanner. https://www.openvas.org

Petters, J. (2019, August 14). What is Metasploit? The Beginner's Guide - Varonis. Inside Out Security. https://www.varonis.com/blog/what-is-metasploit/