{"id":393,"date":"2015-11-08T20:42:55","date_gmt":"2015-11-08T20:42:55","guid":{"rendered":"http:\/\/nethemba.com\/sk\/?page_id=393"},"modified":"2019-08-05T12:17:52","modified_gmt":"2019-08-05T11:17:52","slug":"externy-blackbox-penetracny-test","status":"publish","type":"page","link":"https:\/\/nethemba.com\/sk\/sluzby\/sietova-a-systemova-bezpecnost\/externy-blackbox-penetracny-test\/","title":{"rendered":"External (blackbox) penetration test"},"content":{"rendered":"<p>This testing consists of several phases, which are carried out in accordance with <a href=\"http:\/\/www.isecom.org\/research\/osstmm.html\">OSSTMM<\/a>.<\/p>\n<p>The tools and procedures used are defined in the <a href=\"http:\/\/www.vulnerabilityassessment.co.uk\/Penetration%20Test.html\">Penetration Testing Framework<\/a>.<\/p>\n<p>The test is carried out from the perspective of a potential anonymous attacker on the Internet who has no information about the tested topology or the tested services.<\/p>\n<p>The testing itself proceeds <strong>in three phases:<\/strong><\/p>\n<ol>\n<li>The first phase is a scan (enumeration) of the complete range of TCP\/UDP ports (1-65535) of the given active element (a server or router on the Internet or in the DMZ). A special anti-IDS scan can be performed, which reduces the chance of its detection by any IDS (suitable for verifying that the IDS functions correctly). The enumeration uses TCP SYN (half-open), TCP (full connect), TCP fragments in reverse order and a UDP scan.<\/li>\n<li>In the second phase, the services found, as well as the OS\/IOS versions, are identified, and potential vulnerabilities are uncovered using a set of specialized testing programs. 
At the same time, non-standard and encrypted protocols (VPN) and the use of IPv6 are detected. If VPN services (IKE hosts) are found, their version and implementation type are analyzed, and on that basis possible vulnerabilities are identified.<\/li>\n<li>The third phase consists of concrete attacks on the server using freely available programs (exploit scripts) against the discovered flaws, and of verifying the real threat posed by the vulnerabilities found.<\/li>\n<\/ol>\n<p>Every discovered service is tested in detail for known vulnerabilities leading to compromise of the server or to leakage of sensitive information.<\/p>\n<p><strong>The testing includes:<\/strong><\/p>\n<ul>\n<li><strong>Vulnerability check<\/strong> \u2013 running a security scan to uncover available existing vulnerabilities in the services identified during the port scan<\/li>\n<li><strong>Penetration<\/strong> \u2013 an attempt to exploit available vulnerabilities and insufficient configuration in order to penetrate other systems and devices, escalate user privileges and gain access to resources<\/li>\n<li><strong>Information gathering<\/strong> \u2013 all information about the target system is collected, identified and analyzed, including the web server version, modules used, programming platform, WAF and entry points into the application<\/li>\n<li><strong>Vulnerability enumeration and mapping<\/strong> \u2013 using intrusive methods and techniques (specially crafted HTTP requests), 
potential weaknesses are identified (special security scanners and &#8220;fault-injection proxies&#8221; are used, as well as manual verification)<\/li>\n<li><strong>Vulnerability exploitation<\/strong> &#8211; an attempt to gain access using the vulnerabilities identified in the previous phase. The goal is to obtain user or privileged (administrator) access to the application or operating system (special &#8220;exploit&#8221; scripts and &#8220;exploit&#8221; systems are used)<\/li>\n<li><strong>Mail server testing<\/strong> &#8211; in addition to testing for known vulnerabilities in the specific MTA server implementation, several detailed SMTP tests are performed to check the MTA server for &#8220;relaying problems&#8221;, so that all the ways a spammer could abuse the SMTP server are uncovered, along with the MTA server's resistance to a potential DoS attack. The test covers all MX servers for the tested domain. Potentially exploitable vulnerabilities in the anti-virus and anti-spam implementations are tested as well.<\/li>\n<li><strong>DNS zone testing<\/strong> &#8211; in addition to testing for known vulnerabilities in the specific DNS server implementation (Bind, Microsoft DNS server), a zone consistency test is performed on all specified DNS servers, along with a check for the possibility of a public &#8220;zone transfer&#8221;, vulnerability to DNS &#8220;caching&#8221; attacks, etc. 
Detailed penetration tests are also performed on every DNS server for the given domain (including those outside the customer's network \u2013 in that case, however, the consent of the respective operator is required).<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>This testing consists of several phases, which are carried out in accordance with OSSTMM. The tools and procedures used are defined in the Penetration Testing Framework. The test is carried out from the perspective of a potential anonymous attacker on the Internet who has no information about the tested topology or the tested services. The testing itself proceeds in three phases: The first phase is a scan (enumeration) of the complete [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":381,"menu_order":2,"comment_status":"closed","ping_status":"closed","template":"services_detail.php","meta":{"inline_featured_image":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"class_list":["post-393","page","type-page","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Extern\u00fd (blackbox) penetra\u010dn\u00fd test - Nethemba<\/title>\n<meta name=\"description\" content=\"Test zn\u00e1mych zranite\u013enost\u00ed v konkr\u00e9tnej implement\u00e1cii DNS servera (Bind, Microsoft DNS server) je realizovan\u00fd tie\u017e test konzistencie z\u00f3n na DNS serveroch.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" 
href=\"https:\/\/nethemba.com\/sk\/sluzby\/sietova-a-systemova-bezpecnost\/externy-blackbox-penetracny-test\/\" \/>\n<meta property=\"og:locale\" content=\"sk_SK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Extern\u00fd (blackbox) penetra\u010dn\u00fd test - Nethemba\" \/>\n<meta property=\"og:description\" content=\"Test zn\u00e1mych zranite\u013enost\u00ed v konkr\u00e9tnej implement\u00e1cii DNS servera (Bind, Microsoft DNS server) je realizovan\u00fd tie\u017e test konzistencie z\u00f3n na DNS serveroch.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nethemba.com\/sk\/sluzby\/sietova-a-systemova-bezpecnost\/externy-blackbox-penetracny-test\/\" \/>\n<meta property=\"og:site_name\" content=\"Nethemba\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/nethemba\" \/>\n<meta property=\"article:modified_time\" content=\"2019-08-05T11:17:52+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@nethemba\" \/>\n<meta name=\"twitter:label1\" content=\"Predpokladan\u00fd \u010das \u010d\u00edtania\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 min\u00faty\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nethemba.com\\\/sk\\\/sluzby\\\/sietova-a-systemova-bezpecnost\\\/externy-blackbox-penetracny-test\\\/\",\"url\":\"https:\\\/\\\/nethemba.com\\\/sk\\\/sluzby\\\/sietova-a-systemova-bezpecnost\\\/externy-blackbox-penetracny-test\\\/\",\"name\":\"Extern\u00fd (blackbox) penetra\u010dn\u00fd test - Nethemba\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nethemba.com\\\/de\\\/#website\"},\"datePublished\":\"2015-11-08T20:42:55+00:00\",\"dateModified\":\"2019-08-05T11:17:52+00:00\",\"description\":\"Test zn\u00e1mych zranite\u013enost\u00ed v konkr\u00e9tnej implement\u00e1cii DNS servera (Bind, Microsoft 
DNS server) je realizovan\u00fd tie\u017e test konzistencie z\u00f3n na DNS serveroch.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nethemba.com\\\/sk\\\/sluzby\\\/sietova-a-systemova-bezpecnost\\\/externy-blackbox-penetracny-test\\\/#breadcrumb\"},\"inLanguage\":\"sk-SK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nethemba.com\\\/sk\\\/sluzby\\\/sietova-a-systemova-bezpecnost\\\/externy-blackbox-penetracny-test\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nethemba.com\\\/sk\\\/sluzby\\\/sietova-a-systemova-bezpecnost\\\/externy-blackbox-penetracny-test\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nethemba.com\\\/sk\\\/domov\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Slu\u017eby\",\"item\":\"https:\\\/\\\/nethemba.com\\\/sk\\\/sluzby\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Sie\u0165ov\u00e1 a syst\u00e9mov\u00e1 bezpe\u010dnos\u0165\",\"item\":\"https:\\\/\\\/nethemba.com\\\/sk\\\/sluzby\\\/sietova-a-systemova-bezpecnost\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Extern\u00fd (blackbox) penetra\u010dn\u00fd test\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nethemba.com\\\/de\\\/#website\",\"url\":\"https:\\\/\\\/nethemba.com\\\/de\\\/\",\"name\":\"Nethemba\",\"description\":\"We care about your security\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nethemba.com\\\/de\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"sk-SK\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Extern\u00fd (blackbox) penetra\u010dn\u00fd test - Nethemba","description":"Test zn\u00e1mych zranite\u013enost\u00ed v konkr\u00e9tnej implement\u00e1cii DNS servera (Bind, Microsoft DNS server) je realizovan\u00fd tie\u017e test konzistencie z\u00f3n na DNS serveroch.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nethemba.com\/sk\/sluzby\/sietova-a-systemova-bezpecnost\/externy-blackbox-penetracny-test\/","og_locale":"sk_SK","og_type":"article","og_title":"Extern\u00fd (blackbox) penetra\u010dn\u00fd test - Nethemba","og_description":"Test zn\u00e1mych zranite\u013enost\u00ed v konkr\u00e9tnej implement\u00e1cii DNS servera (Bind, Microsoft DNS server) je realizovan\u00fd tie\u017e test konzistencie z\u00f3n na DNS serveroch.","og_url":"https:\/\/nethemba.com\/sk\/sluzby\/sietova-a-systemova-bezpecnost\/externy-blackbox-penetracny-test\/","og_site_name":"Nethemba","article_publisher":"https:\/\/www.facebook.com\/nethemba","article_modified_time":"2019-08-05T11:17:52+00:00","twitter_card":"summary_large_image","twitter_site":"@nethemba","twitter_misc":{"Predpokladan\u00fd \u010das \u010d\u00edtania":"3 min\u00faty"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/nethemba.com\/sk\/sluzby\/sietova-a-systemova-bezpecnost\/externy-blackbox-penetracny-test\/","url":"https:\/\/nethemba.com\/sk\/sluzby\/sietova-a-systemova-bezpecnost\/externy-blackbox-penetracny-test\/","name":"Extern\u00fd (blackbox) penetra\u010dn\u00fd test - Nethemba","isPartOf":{"@id":"https:\/\/nethemba.com\/de\/#website"},"datePublished":"2015-11-08T20:42:55+00:00","dateModified":"2019-08-05T11:17:52+00:00","description":"Test zn\u00e1mych zranite\u013enost\u00ed v konkr\u00e9tnej implement\u00e1cii DNS servera (Bind, Microsoft DNS server) je realizovan\u00fd tie\u017e test 
konzistencie z\u00f3n na DNS serveroch.","breadcrumb":{"@id":"https:\/\/nethemba.com\/sk\/sluzby\/sietova-a-systemova-bezpecnost\/externy-blackbox-penetracny-test\/#breadcrumb"},"inLanguage":"sk-SK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nethemba.com\/sk\/sluzby\/sietova-a-systemova-bezpecnost\/externy-blackbox-penetracny-test\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/nethemba.com\/sk\/sluzby\/sietova-a-systemova-bezpecnost\/externy-blackbox-penetracny-test\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nethemba.com\/sk\/domov\/"},{"@type":"ListItem","position":2,"name":"Slu\u017eby","item":"https:\/\/nethemba.com\/sk\/sluzby\/"},{"@type":"ListItem","position":3,"name":"Sie\u0165ov\u00e1 a syst\u00e9mov\u00e1 bezpe\u010dnos\u0165","item":"https:\/\/nethemba.com\/sk\/sluzby\/sietova-a-systemova-bezpecnost\/"},{"@type":"ListItem","position":4,"name":"Extern\u00fd (blackbox) penetra\u010dn\u00fd test"}]},{"@type":"WebSite","@id":"https:\/\/nethemba.com\/de\/#website","url":"https:\/\/nethemba.com\/de\/","name":"Nethemba","description":"We care about your 
security","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nethemba.com\/de\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"sk-SK"}]}},"_links":{"self":[{"href":"https:\/\/nethemba.com\/sk\/wp-json\/wp\/v2\/pages\/393","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nethemba.com\/sk\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/nethemba.com\/sk\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/nethemba.com\/sk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nethemba.com\/sk\/wp-json\/wp\/v2\/comments?post=393"}],"version-history":[{"count":0,"href":"https:\/\/nethemba.com\/sk\/wp-json\/wp\/v2\/pages\/393\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/nethemba.com\/sk\/wp-json\/wp\/v2\/pages\/381"}],"wp:attachment":[{"href":"https:\/\/nethemba.com\/sk\/wp-json\/wp\/v2\/media?parent=393"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}