Penetration Testing on a Switched LAN

    In this article we will explore known vulnerabilities in switched LANs. I hope to open your eyes to some of the techniques and tools that can be freely downloaded and used to test your network. Let’s start with some of the basics we see in most small to medium networks. First we need to assess the network and gather information on it. We need to look at a few things to better understand the obstacles we might face on a pen test. Start with these basic questions as a foundation for gathering information.

    Where are the switches located?
    Can you gain access to the equipment?
    What kind and type of switches or hubs are in the network?
    Are the switches manageable and do they have a web interface?
    What is the physical topology or design of the network?
    Do the switches have security features (IDS) and are there VLANs being used?

    Once we have the basic information on the network design and the equipment used in the network, we need to research the vendor’s security bulletins to see if there are any known exploits to test. If this network has wireless, there are a lot of other techniques we can deploy to find vulnerable points. At this point we should also look at what physical media is used to move data on the network (CAT5, fiber, or wireless). Once you know what the network media is, you can figure out the best way to tap into it. Below are some ideas on tapping into the network and the tools used.

    Ethernet (CAT3, CAT5, or CAT6):
    Tapping Ethernet is normally done with a protocol sniffer like Ethereal. To sniff on an Ethernet LAN you need access to the network via a switch port or other network connection.

    Fiber (Gig-e or FDDI):
    To tap a fiber network you need an optical splitter like “netoptics”. To tap with a splitter you must have access to the fiber lines. Once you have the splitter installed you can run Ethereal or any other network sniffer.

    Wireless (802.11 A, B, & G):
    To tap wireless you first need to identify what kind of signal the network is using. Most common networks use 802.11 B or G, but some networks use 802.11 A. To find out the type of wireless you can run software like Network Stumbler. Network Stumbler lets you see the access points and all the needed info about them, such as the channel, signal, and encryption used. Once you know whether the AP is open or encrypted you can plan your path to accessing the network. If you find the wireless network is encrypted you will have to find tools to crack the encryption. For WEP encryption you can use tools like AirCrack to break the encryption. Once you have gained access to the wireless network you will use a network sniffer like Ethereal to capture packets.

    Sniffing/Tapping the Network

    As I have stated above, Ethereal is a very good (and free) network sniffer, but there are many other protocol sniffing tools on the internet; many are free, but some vendors charge for their tools. The idea behind sniffing is that you can see all the packets on the network. With the ability to see the packets and capture them you can reconstruct the data that flows over the network and gain access to passwords and password hashes. Other useful data you can collect includes e-mails, website data, database info, and a lot of other sensitive info. One obstacle you may face when sniffing is that on a switched network you will only see broadcast traffic and traffic directed to your IP. To solve this problem you will have to sniff on a trunk port or mirror port, or spoof the network traffic so that it passes through your port. One good tool to sniff and spoof is Cain & Abel; with Cain you can also sniff for VoIP calls and many other passwords.

    Port Scanning

    Port scanning is a way of testing network devices to see what communication ports might be open. This can be done from a LAN, WAN, MAN, or the internet. Port scanners are some of the tools pen testers use most, to see what is open and how best to identify devices and the services running on them. For example, if you port scan an IP and you see port 25 open, then there is a possibility that a mail service is running. The next step to test port 25 might be to telnet to the port and see if the reply is a banner. If the device is a mail server it will normally report back to your telnet session with a service banner. Microsoft Exchange server will report its SMTP name and the version of Exchange running on the server. Other interesting ports are 23 Telnet, 21 FTP, 22 SSH, 80 HTTP, 443 HTTPS, and 3389 Terminal servers (RDP). Some good programs for port scanning are SuperScan (from Foundstone), Nmap (from insecure.org) and X-scan (from xfocuse.com). There are hundreds of scanners on the internet and many are specialized for scanning for certain services or exploits. If you want more information on port scanning just Google it and you will be busy for months.
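
The banner check described above can be turned into a repeatable audit of your own mail servers. This is an added example, not code from the original article; the function names, product list and sample greetings are assumptions constructed for illustration.

```python
import re
import socket

GREETING_RE = re.compile(r"^(\d{3})[ -](\S+)\s*(.*)$")
# Product names below are an illustrative list, not an exhaustive one.
PRODUCT_RE = re.compile(r"Microsoft ESMTP MAIL Service|Exchange|Postfix|Sendmail|Exim", re.I)
VERSION_RE = re.compile(r"\b\d+(?:\.\d+){1,3}\b")

# Constructed sample greetings (not captured from real servers).
SAMPLES = {
    "exchange": "220 mail.example.com Microsoft ESMTP MAIL Service, "
                "Version: 6.0.3790.1830 ready at Mon, 1 Jan 2007 10:00:00 -0500",
    "postfix": "220 mx.example.com ESMTP Postfix",
    "hardened": "220 mx.example.com ESMTP",
}

def grab_banner(host, port=25, timeout=5.0):
    """Read the greeting line from a server you administer (the telnet step)."""
    with socket.create_connection((host, port), timeout=timeout) as conn:
        lines = conn.recv(512).decode("ascii", "replace").splitlines()
    return lines[0] if lines else ""

def audit_banner(banner):
    """Classify what an SMTP 220 greeting discloses beyond the hostname."""
    m = GREETING_RE.match(banner.strip())
    if not m or m.group(1) != "220":
        return {"exposure": "invalid", "host": None, "product": None, "version": None}
    host, rest = m.group(2), m.group(3)
    product = PRODUCT_RE.search(rest)
    version = VERSION_RE.search(rest)
    if version:
        exposure = "version"      # exact build: maps straight to vendor bulletins
    elif product:
        exposure = "product"      # software family only
    else:
        exposure = "minimal"      # hostname and protocol keyword only
    return {
        "exposure": exposure,
        "host": host,
        "product": product.group(0) if product else None,
        "version": version.group(0) if version else None,
    }

if __name__ == "__main__":
    for name, line in SAMPLES.items():
        print(name, audit_banner(line))
```

A greeting rated "version" is the one to fix first, since it gives a scanner the same build number you would look up in the vendor's security bulletins.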

    Password Recovery

    Password recovery can be done remotely or physically with software. On Windows PCs you can run programs like PWDump remotely, and if you have access you can run many different kinds of bootable disks to change and recover passwords. Other password recovery methods include running hash or SAM file recovery tools from the PC on a user’s account. With the SAM file of hashes you can then proceed to crack the hashes to gain the passwords.

    Password Cracking

    Password cracking is done by taking an encrypted value (hash) and using a technique to crack or reverse engineer it. A few common types of cracking are dictionary, brute-force, and cryptanalysis attacks on the hash. There are many programs on the internet to run dictionary and brute-force attacks, but the fastest way to crack passwords is to use rainbow tables on them. There are a few rainbow table cracking sites online, and the program rcrack.exe is a free download with source code from “antsight.com/zsl/rainbowcrack”. The most popular site to crack hashes online is plain-text.info, and they allow 2 hashes free per hour to crack. With rainbow tables a pen tester’s life has gotten a lot easier. Older methods of cracking like brute force can take months to crack a password, and dictionary attacks only work if the password is a common word.
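
Precomputed tables work because an unsalted hash of a given password is the same on every system. The added example below (not part of the original article) stores the same accounts unsalted and with a per-user salt plus PBKDF2, then checks both stores against one precomputed table. SHA-256 stands in for an unsalted fast hash, the table is a plain lookup map rather than a true rainbow table, and all names, users and the word list are constructed assumptions.

```python
import hashlib
import hmac
import os

ROUNDS = 100_000
WORDLIST = ["password", "letmein", "dragon", "summer2007"]  # constructed sample list

def fast_hash(password):
    """Unsalted, fast hash. SHA-256 is a stand-in chosen for this example."""
    return hashlib.sha256(password.encode()).hexdigest()

def salted_hash(password, salt=None):
    """Per-user random salt plus PBKDF2, stored as 'salt$digest'."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
    return salt.hex() + "$" + digest.hex()

def verify(password, stored):
    """Recompute with the stored salt and compare in constant time."""
    salt_hex, digest_hex = stored.split("$")
    candidate = salted_hash(password, bytes.fromhex(salt_hex))
    return hmac.compare_digest(candidate, stored)

def build_table(words):
    """Precomputed hash -> word map. A plain lookup table: rainbow tables
    compress the same idea with hash chains, which is omitted here."""
    return {fast_hash(w): w for w in words}

def exposed_accounts(store, table):
    """Accounts whose stored value appears in the precomputed table."""
    return {user: table[value] for user, value in store.items() if value in table}

def compare_stores():
    """Same three users stored both ways, audited against one table."""
    users = {"alice": "letmein", "bob": "letmein", "carol": "Xq7!vR2#pLz9"}
    table = build_table(WORDLIST)
    unsalted = {u: fast_hash(p) for u, p in users.items()}
    salted = {u: salted_hash(p) for u, p in users.items()}
    return {
        "unsalted_exposed": exposed_accounts(unsalted, table),
        "salted_exposed": exposed_accounts(salted, table),
        "unsalted_duplicates": unsalted["alice"] == unsalted["bob"],
        "salted_duplicates": salted["alice"] == salted["bob"],
    }

if __name__ == "__main__":
    print(compare_stores())
```

The salt only removes the benefit of precomputation; a common word is still a weak password, so the audit result for the unsalted store is also a list of accounts that need a password change.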

    So far we have discussed how to analyze a network and then profile it for a pen test. We have also covered ways to tap/sniff the network for data. The little info we have discussed should serve as a good primer to show you where to start with pen testing. All the tools mentioned in this article are easily found on the internet and are free to download. If you need any help with pen testing just use the internet, as there are many guides around that cover specialized areas of pen testing. Remember that the whole idea behind pen testing is to learn and secure your network.

