Читать книгу Penetration Testing For Dummies - Robert Shimonski - Страница 19

Basic networking includes, but is not limited to, understanding the OSI (open systems interconnect) model. Knowing how data transits from one location (a sender) to another (a receiver) is key to being able to unwind how many attacks occur.

It also includes knowing how routers, switches, hubs, load balancers, firewalls, intrusion prevention devices, and other network black boxes on the wire work. (Black-box security testing refers to testing software security from the outside in. Generally, the tester has little or no knowledge of the internal workings.) If you pen test a router, you need to know how it operates.

The TCP/IP protocol suite also falls under basic networking knowledge. The transmission control protocol (TCP) and Internet protocol (IP) controls how computers connect to the Internet. It includes many of the protocols in the 7-layer OSI model. The Open Systems Interconnection (OSI) model is used as a logical framework to show how data travels from the source to the destination and back to the source through the many technologies that comprise the network, systems, and applications. It’s a model of standards that shows the under the hood actions of the technologies at each layer. Figure 1-2 shows an example of the OSI model.

FIGURE 1-2: Examining the OSI model.

The protocols used in a suite (such as TCP/IP) map to the various layers of the model and perform different functions. For example, FTP operates at a higher layer in the model than TCP or IP. The theory is that, if the lower layers don’t work, then the higher layer protocols won’t operate correctly. The OSI allows you to troubleshoot problems in a workflow manner.

Figure 1-3 shows a wire packet capture that shows a lot of the information you need to read through to conduct a pen test with a tool such as Wireshark. Here you can see packets that when captured can be decoded to tell you the details within them.

Having knowledge of these protocols, how and where they operate, and what is contained in the frames, headers, and other inner details of the packet is what will make you a great pen tester. If you run a pen test and it reports back, for example, that you have a vulnerability in telnet that’s sending packets back and forth in cleartext, you need to determine what path a hacker may take. You can more easily make that determination if you know how the protocols work and what is expected behavior and what can be manipulated versus what could be impacted by a software bug. This way, you can test it yourself first to identify whether you have an issue that might need to be remediated or mitigated.

I highly recommend that you study more on TCP/IP. It’s the main protocol suite in use today across the world; when it was first put into production many years ago it came with many flaws. Its ease of use is one of the biggest flaws and the fact that security was an afterthought behind usability. That said, today’s networks and systems can account for these flaws, but there is always danger in the shadows. Study TCP/IP and all of its sub-protocols and how they work to get better at testing weaknesses in your enterprise.

FIGURE 1-3: Digging into a network packet capture.