[PEN-TEST] Software Test Procedures Request for Assistance

From: Brian (bsshuhartat_private)
Date: Thu Apr 26 2001 - 15:34:07 PDT


    I am developing software testing procedures for Penetration Testing tools
    downloaded from the Internet.  Below is a list of the procedures I have
    developed so far.  Please provide comments on areas needing improvements or
    the locations of other papers developed for this purpose.  I am looking for
    suggestions on tools to use to monitor changes to the NT and 2000 registry
    and tools to look for malicious code signatures in source code and compiled
    programs.
    
    I will post combined information to this list and the white papers section
    of Security Horizon web page (www.securityhorizon.com) when complete.
    
    1.  Perform all testing on a closed private network.
    
    2.  Download tools with a non-administrator account (my opinion: you should
    not be surfing the web as an administrator anyway)
    
    3.  Virus scan the tool with the latest virus signatures.
    
    4.  Start with a standard baseline for the test machine.  Things to know
    about test system.
        a. Current service pack and patch level.
        b. Current open ports and active services.
        c. UNIX systems - all suid and sgid programs.
        d. List of all users and passwords for all accounts including locked.
        e. List of all locked or disabled accounts.
        f. Vulnerability scan the system with your scanner of choice.
        g. Any suggestions on what else to document, look for, or use to
    establish and maintain a standard baseline.
    
    5.  All utilities used during the test should be run from a system other
    than the one with the tool in question.
    
    6.  Start a network monitoring tool before putting the tool on a system in
    the network.
    
    7.  Sneakernet the tool to the test network.
    
    8.  Unzip/untar files if needed and virus scan again.
    
    9.  Install and test run the tool.
    
    10.  Virus scan the test system.
    
    11. Port scan the test system.
    
    12. Vulnerability scan the test system.
    
    13. Take another snapshot of the test system baseline and compare with the
    original results.
    
    14. Let the system run for a few days (this will not catch all time or logic
    bomb code, but it's a start)
    
    15. Uninstall the tool.
    
    16. Virus scan the test system again.
    
    17. Port scan the test system again.
    
    18. Vulnerability scan the test system again.
    
    19. Take a third snapshot of the test system baseline and compare with the
    previous results.
    
    20. Review the logs generated by the network monitor.
    
    
    Thanks in advance
    bs
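
Added example (not part of the original post, and not a tool the poster refers to): a small Python script that does the baseline-and-compare part of steps 4, 13 and 19 on a UNIX-style host. It records mode, size, SHA-256 and setuid/setgid flags for every file under a root, parses `netstat -an` style output for listening ports (Linux, BSD and Windows layouts), parses passwd/shadow style text for accounts and their locked state, and then diffs two baselines. The `demo()` function runs it over a constructed scratch tree with constructed netstat and passwd text, simulating a "tool" that trojans a binary, drops a setuid file, opens a listener and adds a second uid-0 account. In real use you would point `snapshot_tree` at the directories you care about and feed it saved `netstat -an`, `/etc/passwd` and `/etc/shadow` output captured before and after the install; all file names, sample lines and account names below are made up.

```python
"""Baseline snapshot and diff for a tool-evaluation host (added example, constructed data)."""
import hashlib
import os
import shutil
import stat
import tempfile
from pprint import pprint


def _file_digest(path):
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot_tree(root):
    """Record mode, size, sha256 and setuid/setgid flags for every regular file under root.
    Keys are paths relative to root (forward slashes) so two snapshots compare cleanly."""
    snap = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if not stat.S_ISREG(st.st_mode):
                continue  # symlinks, devices etc. are skipped in this example
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            snap[rel] = {
                "mode": oct(stat.S_IMODE(st.st_mode)),
                "size": st.st_size,
                "sha256": _file_digest(full),
                "suid": bool(st.st_mode & stat.S_ISUID),
                "sgid": bool(st.st_mode & stat.S_ISGID),
            }
    return snap


def parse_listening_ports(netstat_text):
    """Return a set of (proto, port) for listeners in `netstat -an` style output.
    Linux/BSD lines: proto recv-q send-q local foreign [state]; Windows: PROTO local foreign [state]."""
    ports = set()
    for line in netstat_text.splitlines():
        parts = line.split()
        if len(parts) < 3:
            continue
        proto = parts[0].lower()
        if not (proto.startswith("tcp") or proto.startswith("udp")):
            continue  # headers and non-socket lines
        local = parts[1] if parts[0].isupper() else parts[3]  # Windows prints upper-case PROTO
        if proto.startswith("tcp") and not parts[-1].upper().startswith("LISTEN"):
            continue  # established/time-wait TCP sockets are not listeners
        port = local.replace(".", ":").rsplit(":", 1)[-1]  # handles 0.0.0.0:22, *.22 and [::]:22
        if port.isdigit():
            ports.add((proto[:3], int(port)))
    return ports


def parse_accounts(passwd_text, shadow_text):
    """Map account name -> uid/shell/locked from passwd and shadow style text.
    An account counts as locked when its hash field starts with '!' or '*'."""
    hashes = {}
    for line in shadow_text.splitlines():
        f = line.split(":")
        if len(f) >= 2:
            hashes[f[0]] = f[1]
    accounts = {}
    for line in passwd_text.splitlines():
        f = line.split(":")
        if len(f) < 7:
            continue
        h = hashes.get(f[0], "")
        accounts[f[0]] = {"uid": int(f[2]), "shell": f[6], "locked": h.startswith(("!", "*"))}
    return accounts


def take_baseline(root, netstat_text, passwd_text, shadow_text):
    return {"files": snapshot_tree(root),
            "ports": parse_listening_ports(netstat_text),
            "accounts": parse_accounts(passwd_text, shadow_text)}


def diff_keyed(before, after):
    """Generic diff of two {key: record} dicts: keys added, removed, or whose record changed."""
    return {"added": sorted(set(after) - set(before)),
            "removed": sorted(set(before) - set(after)),
            "changed": sorted(k for k in set(before) & set(after) if before[k] != after[k])}


def compare_baselines(before, after):
    was_priv = {p for p, r in before["files"].items() if r["suid"] or r["sgid"]}
    new_priv = sorted(p for p, r in after["files"].items()
                      if (r["suid"] or r["sgid"]) and p not in was_priv)
    return {"files": diff_keyed(before["files"], after["files"]),
            "ports": {"added": sorted(after["ports"] - before["ports"]),
                      "removed": sorted(before["ports"] - after["ports"])},
            "accounts": diff_keyed(before["accounts"], after["accounts"]),
            "new_suid_sgid": new_priv}


# Constructed sample output; the 31337 listener and the uid-0 "svc" account appear only after install.
NETSTAT_BEFORE = """Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
udp        0      0 0.0.0.0:123             0.0.0.0:*
"""
NETSTAT_AFTER = NETSTAT_BEFORE + "tcp        0      0 0.0.0.0:31337           0.0.0.0:*               LISTEN\n"
PASSWD_BEFORE = "root:x:0:0:root:/root:/bin/sh\nguest:x:1001:1001::/home/guest:/bin/sh\n"
SHADOW_BEFORE = "root:$6$abc:0:0:99999:7:::\nguest:!:0:0:99999:7:::\n"
PASSWD_AFTER = PASSWD_BEFORE + "svc:x:0:0::/:/bin/sh\n"
SHADOW_AFTER = SHADOW_BEFORE + "svc:$6$def:0:0:99999:7:::\n"


def demo():
    """Snapshot a scratch tree, let a pretend tool trojan a binary, drop a setuid file,
    open a listener and add an account, snapshot again and return the differences."""
    root = tempfile.mkdtemp(prefix="baseline-")
    try:
        os.makedirs(os.path.join(root, "bin"))
        with open(os.path.join(root, "bin", "ls"), "wb") as fh:
            fh.write(b"original ls\n")
        before = take_baseline(root, NETSTAT_BEFORE, PASSWD_BEFORE, SHADOW_BEFORE)
        with open(os.path.join(root, "bin", "ls"), "wb") as fh:
            fh.write(b"trojaned ls\n")
        with open(os.path.join(root, "bin", "backdoor"), "wb") as fh:
            fh.write(b"#!/bin/sh\n")
        os.chmod(os.path.join(root, "bin", "backdoor"), 0o4755)  # setuid root-style bit
        after = take_baseline(root, NETSTAT_AFTER, PASSWD_AFTER, SHADOW_AFTER)
        return compare_baselines(before, after)
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    pprint(demo())
```

The diff deliberately keys files on content hash rather than timestamps, since a tool that replaces a binary can reset mtime; the suid/sgid list is compared separately so a newly privileged file is flagged even if its hash is unchanged (for example, a chmod on an existing binary). Snapshots taken on the test system should be stored off-box, as step 5 suggests, so the tool under evaluation cannot tamper with them.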
    



    This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 20:30:21 PDT