Archive for the ‘Vulnerability’ Category

Network Vulnerability Assessment Workshop (March 2008)

Tuesday, March 4th, 2008

presents

Network Vulnerability Assessment Workshop

March 26, 27 and 28 2008

In today’s world, it is increasingly important for businesses to be connected and accessible through the Internet. Businesses now put more stock in the viability of the net for increasing their profit margin and, to a large extent, their public exposure. As a result, more financial value is tied to the data that travels over the wires.

That’s where the value of information security comes into play: assessing one’s readiness to defend information assets is a direct result of proper Vulnerability Assessment (VA) and, on a larger scale, of risk management. Getting one’s feet wet in VA benefits not only the company’s security stance but also the individual’s appreciation of what could lie ahead in terms of threats and risks. It also brings a realization of the extent of knowledge, time and investment needed to fully prepare one’s company to face the growing challenges of today’s and tomorrow’s Internet.

Course Objectives:

At the end of the training, you should be able to:

  • Determine the boundary of analysis and schedule of assessment
  • Perform threat and impact analysis
  • Define and verify policies of target assets for VA
  • Execute active and passive information gathering techniques
  • Utilize vulnerability scanning tools
  • Generate technical and managerial VA reports

Who Should Attend:

  • Network Managers
  • System Administrators
  • IT Managers
  • IT Auditors
  • Security Professionals

Course Outline:

 

DAY 1

 

    • Information Security Concepts
    • The Need for Information Security
    • Vulnerability Assessment Overview
    • The Security Process
    • Information Security Life Cycle
    • Threats to Computer and Network Systems
    • What is Ethical Hacking?
    • Types of Ethical Hacking
    • Responsibilities of an Ethical Hacker
    • Skills Requirements
    • Customer Expectations
    • Relevant Laws
  • Introduction
  • Foundations

DAY 2

 

    • Formal Methodologies
    • Methodology Overview
    • Open Source and Commercial Tools
    • The Live CD Approach
       
      • Passive Information Gathering
      • Active Information Gathering
      • Social Engineering

      • Tools and Online Resources
      • Google Hacking
    • Project Start-Up
    • Information Gathering
    • Threat and Impact Analysis
    • Reconnaissance and Enumeration
  • Getting Started
  • Vulnerability Assessment

DAY 3

 

      • Technical Report
      • Managerial Report
    • Vulnerability Scanning
    • Report Generation
    • Web Application Security
       

    • Summary
    • Information Security Policies
    • Introduction to Penetration Testing
  • Vulnerability Assessment
  • Synopsis

  • Miscellaneous
  • Reports
  • Checklists
  • Technical Reports
  • Managerial Reports
  • Please bring your laptop.

    Trainer’s Profile:

    Ariel Ben T. Senga, CISSP

    Ariel is the President and CEO of SeQure Technologies, which he cofounded in 2005. He is also a Certified Information Systems Security Professional. Ariel has intensive experience in various information systems management and development in IT, communications, manufacturing, government, and engineering industries. He has conducted various engagements related to IT internal control reviews, standards compliances, and internal audit reviews.

    He currently manages all of SeQure Technologies’ security services, such as vulnerability assessments, penetration testing, security assessments and audits, policy controls, and network infrastructure deployments.

    Ariel has developed training courses in security awareness, network vulnerability assessment and penetration testing. Besides course development, Ariel has presented at universities and colleges in the Philippines as an information security advocate.

    Training Schedule: March 26, 27 and 28, 2008 (3 Days w/ Lunch + Refreshment Snacks)

    Course Fee: PhP 17,500.00 (Exclusive of 12% VAT)

    Includes: Student Manual, Live CD, and Certificate of Completion

    Venue: CEO Suite, 37th Flr. LKG Tower 6801 Ayala Ave. 1226 Makati City

    For more details, please call or text Pamela Chua at +63 922 8742757 or email pam@poshmarketingservices.com.

    Cancellation of registration should be made seven working days before the training date. Otherwise, 50% of the training fee shall be charged. A no-show during the training shall be charged 100% of the training fee.

    Yahoo! Messenger ActiveX Flaw Exploits Released!

    Thursday, June 7th, 2007

    Two zero-day exploits for remote code execution flaws in Yahoo! Messenger’s Webcam application have been released.

    One of the flaws is a boundary error in the Yahoo! Webcam Upload ActiveX control; the other is in the Yahoo! Webcam Viewer ActiveX control.

    Yahoo! expects to have a fix for the flaws available soon.  The flaws have been confirmed in Yahoo! Messenger version 8.1.0.249 and may exist in other versions as well.

    {Update: As of Friday, June 8, 2007, Yahoo! has already prompted Yahoo! Messenger users to download and install a security upgrade to patch the security issue.}

    More info here on the Yahoo! ActiveX Flaw.

    Hackers Use New Evasive Techniques to Avoid Malware Detection

    Tuesday, June 5th, 2007

    Hackers are developing increasingly stealthy techniques to evade detection.  The attacks place malicious code on web sites, then keep track of the IP addresses that have visited infected sites; if the same IP address attempts to view the malicious site again, benign content is offered in its stead.

    The attacks are also capable of identifying “the IP addresses of web crawlers used by URL filtering, reputation services and search engines,” and serve legitimate content to avoid being identified as malicious.

    Recent findings reveal that hackers have created a new class of highly evasive attacks which represent a quantum leap in terms of technological sophistication, going far beyond drive-by downloads and code obfuscation.

    The combination of these evasive attacks with code obfuscation techniques significantly enhances the capability of sophisticated hackers to go undetected.

    A follow-up study conducted by Finjan’s Malicious Code Research Centre warns of the growing presence of malicious code in online advertising.

    More info at: VNUNet

    Microsoft Office 2003 Security Tool Protects Users from Infected Files

    Tuesday, May 29th, 2007

    Microsoft has released a free tool called Microsoft Office Isolated Conversion Environment, or MOICE, to help protect users from malware placed in Office files, a vector of attack that has recently gained popularity. 

    MOICE converts Word, Excel and PowerPoint docs to their OpenXML counterparts and opens them in a quarantined environment to protect users’ computers from embedded malicious payloads designed to exploit holes in Microsoft Office.

    MOICE works in tandem with File Block, a tool that allows administrators to establish group policies regarding users’ permissions to open certain file types. Both tools work out of the box with Microsoft Office 2007.

    Microsoft Office 2003 users need to install the Compatibility Pack for Word, Excel and PowerPoint 2007 Office File Formats first.

    There is currently no protection offered for users running versions prior to Microsoft Office 2003.

    http://support.microsoft.com/kb/935865

    Update to WordPress 2.1.3 and 2.0.10 Provides Security Fix

    Tuesday, April 3rd, 2007

    This just in from WordPress a while ago…

    We have a security update release now available for both the 2.1 and 2.0 branches of WordPress now available for immediate download. This update is highly recommended for all users of both branches.

    These releases include fixes for several publicly known minor XSS issues, one major XML-RPC issue, and a proactive full sweep of the WordPress codebase to protect against future problems.

    It isn’t April 1 anymore, so this probably is the real thing. Make sure you guys update to this new version since it provides some important security fixes which, if left unpatched, will surely be easy to exploit.

    Don’t forget to back up and test your backups first ;-) Good luck!

    US-CERT Advisory - Microsoft Windows ANI Header Stack Buffer Overflow

    Saturday, March 31st, 2007

    National Cyber Alert System
    Technical Cyber Security Alert TA07-089A
    Microsoft Windows ANI header stack buffer overflow

    Original release date: March 30, 2007
    Last revised: –
    Source: US-CERT

    Systems Affected

    Microsoft Windows 2000, XP, Server 2003, and Vista are affected. Applications that provide attack vectors include:

    * Microsoft Internet Explorer
    * Microsoft Outlook
    * Microsoft Outlook Express
    * Microsoft Windows Mail
    * Microsoft Windows Explorer

    IE 7.0 Vulnerable to Address Bar Spoofing

    Sunday, October 29th, 2006

    Secunia reports that an anonymous person discovered that it’s possible to partially spoof the Microsoft Internet Explorer (IE) 7.0 Address bar in a pop-up window, which might lead to phishing attacks. When showing an address with special characters, the Address bar might display incorrect or incomplete information that tricks the user into unintended actions. Microsoft is aware of the problem; however, no patch is available at this time. A workaround suggested by the United States Computer Emergency Readiness Team (US-CERT) is to disable Active Scripting in the Internet Zone.

    Phishers Turn to SMiShing

    Sunday, September 3rd, 2006

    Phishers have begun using SMS messages as an attack vector. Users have reported receiving SMS messages purporting to confirm that they have signed up for a dating service and notifying them they will be charged US$2 a day until they cancel the order at a certain web site. That site downloads a Trojan horse program onto their phones, allowing it to be controlled by the attackers. The practice has been dubbed SMiShing.

    Mobile Devices Hold On to Old Data

    Sunday, September 3rd, 2006

    Following the directions that come with mobile devices, such as phones and PDAs, to remove data before selling or recycling them is not enough to ensure the next person who holds the device will not be able to see your private information.

    Data can still be retrieved from phones that have been reset. A security software company that purchased 10 used smartphones and PDAs on eBay found sensitive, personally identifiable information on nearly all of them.

    The company plans to return all the phones to their original owners and has kept all the data it retrieved from the phones on a computer not connected to its corporate network.

    Some companies have provided stronger data wiping functions in their newer devices.
    http://www.theage.com.au/news/Technology/Software-Can-Resurrect-Cell-Phone-Info/2006/08/31/1156816976190.html
    http://software.silicon.com/security/0,39024888,39161863,00.htm
    http://www.vnunet.com/vnunet/news/2163176/pdas-sold-ebay-loaded-sensitive

    Cisco Warns of Flaw in Firewall Products

    Wednesday, August 30th, 2006

    An alert from Cisco Systems Inc. describes an unintentional password modification vulnerability in multiple firewall products that could be exploited to change passwords without user interaction and allow “unauthorized users to gain access to a device that has been reloaded after passwords in its startup configuration have been changed. Authorized users can be locked out and lose the ability to manage the affected device.”  

    The flaw affects Cisco PIX 500 Series Security Appliances, Cisco ASA 5500 Series Adaptive Security Appliances and Firewall Service Module (FWSM) for Cisco Catalyst 6500 switches and Cisco 7600 Series Routers running affected versions of the software.

    Cisco has issued software to address this vulnerability.  A second alert from Cisco describes a pair of flaws in Cisco VPN 3000 series concentrators with FTP file management enabled that could be exploited to execute some FTP commands and delete files.  Cisco has issued free software to address these two flaws and also made workarounds available.
    http://www.cisco.com/en/US/products/products_security_advisory09186a00807183b0.shtml
    http://www.cisco.com/en/US/products/products_security_advisory09186a0080718330.shtml