Implemented features |
[Penetration Testing]
-Method: Black Box Testing -> Blind Test
-Passive information gathering
DNS information gathering: Zone Transfer, Dictionary Attack
-Active information gathering
Active Host Scanning, Port Scanning, IDLE scanning, OpenVAS
-Attack execution
>Metasploit
>Network : ARP spoofing, ICMP spoofing, DHCP Attack(starvation->spoofing), GRE Sniffing,
IP spoofing, DNS Cache Poisoning, TCP session Hijacking
>System : Malware(RAT, Backdoor), Password Cracking(Hydra, John the Ripper)
>WEB
1)Information gathering : WEB spidering, Vulnerability Scan
2)Bypassing Client Validation
3)WEB authentication attacks : Parameter Brute Forcing
4)WEB session attacks : Brute Forcing Session Token, WEB Session Fixation, WEB Session Hijacking
5)XSS, SQL Injection, Directory Listing
6)File Down/Upload
7)SSL Attack(SSL MITM, STRIP)
-DOS : SYN Flooding, TCP Connection Flood, UDP Flooding, ICMP Flooding
-DDOS : GET Flooding, Hulk, CC Attack, Slow HTTP POST
1) Network
-Network topology design based on the hierarchical 3-layer model
-Separated into 3 network zones: DMZ(WEB Server1,2, IDS, Mail), User Zone(HR, Sales, Marketing, IT support team),
Server farm(Groupware, FTP, DNS, ESM, Backup, Database)
-Network allocation
DMZ(192.168.1.0/24), User Zone(192.168.2.0), Server Farm(192.168.3.0/24),
Backbone Area(192.168.4.0/24), DNS Zone(192.168.5.0)
- OSPF, Static Routing, NAT, VLAN, GW redundancy, SLB, Spanning Tree
VPN(Remote Access), Port mirroring, SSH, SSL, Router DHCP, Backbone Switch,
L4 switch(Alteon), Router ACL, TFTP
2) System
- Disk RAID(level 5), Cron(scheduled backups), logrotate, antivirus
3) Service
- WEB(2Tier), DB, DNS, Mail, FTP(Virtual host), Backup, Groupware
4) Security
- iptables(Host/Network), WAF(WAPPLES), UTM(Sophos), NAC(Untangle), IPS/IDS(Snort),
ESM(Elastic Search), PAM, DNSSEC, Traffic Monitoring(Bandwidthd), Secure Coding |