/
ECSA
/
LPT
EC
Council
M d l XXXVIII
EC
-
Council
M
o
d
u
l
e
XXXVIII
Telecommunication and
Broadband Communication
Broadband Communication
Penetration Testing
Penetration Testing Roadmap
Start Here
Information
Vulnerability External
Gathering
Analysis Penetration Testing
ill
Router and
Internal
F

i
rewa
ll
Penetration Testing
Router

and

Switches
Penetration Testing
Internal

Network
Penetration Testing
IDS
Penetration Testing
Wireless
Network
Penetration Testing
Denial of
Service
Penetration Testing
Password
Cracking
Stolen Laptop, PDAs
and Cell Phones
Social
Engineering
Application
Cont’d

EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Penetration Testing
Penetration Testin
g
Penetration Testing
Penetration Testing
Penetration Testing Roadmap
(cont
’
d)
(cont d)
Cont’d
Physical
Database VoIP
Securit
y
Penetration Testing
Penetration testing Penetration Testin
g
Vi d
Vi
rus an
d

Trojan
Detection
War Dialing
VPN

Penetration Testing
Log
Management
Penetration Testing
File Integrity
Checking
Blue Tooth and
Hand held
Device
Penetration Testing
Telecommunication
And Broadband
Cnitin
Email Security
Penetration Testin
g
Security
Patches
Data Leakage
Penetration Testing
End Here
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
C
ommu
ni
ca
ti
o

n

Penetration Testing
g
Penetration Testing
Penetration

Testing
Broadband Communication
E l td t th t d t t k i
E
mp
l
oyees

connec
t
e
d t
o
th
e

corpora
t
e

an
d
governmen

t
ne
t
wor
k
s

v
i
a

broadband communication are a threat.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Risk in Broadband
Communication
Communication
“Always on” broadband connections serve as a medium for attackers to
attack home computers and networks
attack home computers and networks
.
Internet connection involves a risk of unauthorized access.
For dial-up connections, ISP provides a different IP address for each
login.
High speed of downloading feature benefits the attacker to download
information from the system within minutes.
Virus or Trojans are uploaded to the targeted systems at high speed.
Malicious software can steal confidential information, and thus launch
EC-Council

Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Malicious software can steal confidential information, and thus launch
DoS attacks.
Steps for Broadband Communication
Penetration Testin
g
g
•
Check whether the firewall device is installed on the network.
1
Check whether the firewall device is installed on the network.
2
• Check whether web browsers are properly configured.
3
• Check for operating system configuration options.
4
• Check for wireless and other home networking technologies.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
4
Step 1: Check Whether the Firewall Device
is Installed on Network
Ch k h th th fi ll i i t ll d th t k t
Ch
ec
k
w
h

e
th
er
th
e
fi
rewa
ll i
s
i
ns
t
a
ll
e
d
on
th
e

ne
t
wor
k
or

no
t
.
All the home networks connected to the corporate network via

broadband connection should install the firewall.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 1: Check Whether the Firewall Device
is Installed on Network
(
cont’d
)
()
•
Check whether personal and hardware firewalls are installed.
1.1
Check whether personal and hardware firewalls are installed.
Check hether these fire alls pre ent intr ders or detect an
1.2
•
Check
w
hether these fire
w
alls pre
v
ent intr
u
ders or detect an
y

rogue software.
1.3

• Check whether the logging is enabled on the firewall.
1.4
• Check whether the firewall is in stealth mode.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
1.4
Step 1.1: Check Whether Personal and
Hardware Firewall are Installed
A l fi ll i ll d h id i
A
persona
l fi
rewa
ll i
nsta
ll
e
d
on

t
h
e

system

prov
id
es


secur
i
ty

to

the user’s system.
A hardware firewall placed between the broadband connection
and the network provides more security to the network.
Check whether personal and hardware firewall are installed or
not
not
.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 1.2: Check Whether These Firewall
Prevent Intruders or Detect Any Rogue
Software
Software
Check whether these firewalls
p
revent intruders or detect the
p
software sending important data the from the company’s network
to an external system.
Try to send any known harmless virus or Trojan into the
network, and check whether the firewall is active or not.
EC-Council

Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 1.3: Check Whether the Logging is
Ena
b
led on the Firewall
b
Check whether the logging is enabled/disabled on the
Check whether the logging is enabled/disabled on the
firewall.
If the logging is disabled, intrusion attempts will go
unnoticed.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 1.4: Check Whether the Firewall
is in Stealth Mode
Ch k h fi ll fi i d h h h fi ll i
Ch
ec
k
t
h
e
fi
rewa
ll
con
fi
gurat

i
on,

an
d
see

w
h
et
h
er

t
h
e
fi
rewa
ll i
s

in stealth mode.
If it is in stealth mode, the system hides the targeted system and
does not respond to the selective port scanning.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 2: Check Whether Web
Browsers are Properly Configured
Browsers are Properly Configured

21
• Check whether the browser has default configuration.
2
.
1
2.2
• Check for the browser plug-ins.
2.3
• Check whether the active code is enabled.
2.4
• Check whether the browser version is updated.
2.5
• Check whether the cookies are enabled.
•
Check whether the scripting languages are enabled
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
2.6
•
Check whether the scripting languages are enabled
.
Step 2.1: Check Whether the Browser
has Default Confi
g
uration
g
Check whether the security
level of the web browser is
set at default level.

Improper or default
Improper or default
configuration of a web
browser may make it
vulnerable to attacks.
vulnerable to attacks.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 2.2: Check for the Browser
Plugins
Plugins
Browser plug-ins should be limited to only those required by
th d
th
e

en
d
user.
Browser
p
lu
g
-ins are vulnerable to attack.
pg
Check whether the installed plug-ins are from trusted sites.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited

Step 2.3: Check Whether Active
Code is Enabled
Code is Enabled
Check whether the ActiveX controls are enabled or disabled.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 2.4: Check Whether the Browser
Version is U
p
dated
p
Check whether the browser is latest and secure.
Check whether the automatic update option is on or not.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 2.5: Check Whether the
Cookies are Enabled
Cookies are Enabled
Check whether the cookies are enabled or not
Check whether the cookies are enabled or not
.
Try to read the cookies from the browser
Try to read the cookies from the browser
.
Use some tools such as cookie viewer to view the content of
the cookies.
EC-Council
Copyright © by EC-Council

All Rights reserved. Reproduction is strictly prohibited
Step 2.5: Check Whether the
Cookies are Enabled
Cookies are Enabled
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 2.5: Check Whether the
Cookies are Enabled
Cookies are Enabled
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 2.6: Check Whether the
Scri
p
tin
g
Lan
g
ua
g
es are Ena
b
led
pg gg b
Scripting languages are
vulnerable to attacks.
Check if the scripting options
are enabled or not.

EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 3: Check for Operating System
Confi
g
uration O
p
tions
gp
31
• Check whether the operating system and application software
are updated
3
.
1
are updated
.
32
• Check whether the file and printer sharing option is enabled.
3
.
2
• Check whether the anti-
v
irus
p
ro
g
ram is enabled.

3.3
pg
• Check the confi
g
uration of anti-
v
irus
p
ro
g
ram.
3.4
g
pg
• Check whether anti-s
py
ware is enabled.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
3.5
py
Step 3.1: Check Whether Operating System
and A
pp
lication Software are U
p
dated
pp p
Check whether the operating

system and application
software are of latest version
software are of latest version
.
Use of old and unsecure
i b l bl
v
ers
i
on

may
b
e

vu
l
nera
bl
e

to

attack.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 3.2: Check Whether the File and
Printer Sharin
g

O
p
tion is Ena
b
led
gp b
Ch k h th th fil d i t h i ti i bl d
Ch
ec
k
w
h
e
th
er
th
e
fil
e

an
d
pr
i
n
t
er

s
h

ar
i
ng

op
ti
on
i
s

ena
bl
e
d
.
Go to the control panel and check the printer and hardware option
å
Go to the control panel and check the printer and hardware option
å
Printer and Faxeså select any printer, right-click, and select
Sharing.
Try to access the file and printer available in the network.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Step 3.3: Check Whether the
Anti
-
Virus Programs are Enabled
Anti

Virus Programs are Enabled
Ch k h h h i
i bld
Ch
ec
k
w
h
et
h
er

t
h
e

ant
i
-v
i
rus

programs

are

ena
bl
e
d

or

not.
Send any virus program over the system, and check
whether the anti-virus is active or not.
EC-Council
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited