
Binod Narayan Sethi


Friday, June 11, 2010

ETHICAL HACKING AGREEMENT

External Network Security – Unannounced Penetration Test

FACILITY: _____________________________________

DATE: _________________________________________

OBJECTIVE: To provide an assessment of the site’s external security profile of networked computer systems and intrusion detection capabilities.

SCENARIO: Testing will consist of four phases, during which various tools and techniques will be used to gain information and identify vulnerabilities associated with the site’s computer systems and subsequent attempts to penetrate the network. These phases, discussed in detail below, are: network mapping; vulnerability identification; exploitation; and reporting.

Network Mapping
__________ will obtain much of the required information regarding the
site’s network profile, such as IP address ranges, telephone number ranges, and
other general network topology through public information sources, such as
Internet registration services, web pages, and telephone directories. More
detailed information about the site’s network architecture will be obtained
through the use of domain name server (DNS) queries, ping sweeps, port scans,
and connection route tracing. Informal inquiries, not linked to Independent
Oversight, may also be attempted to gather information from users and
administrators that could assist in gaining access to network resources. Once
this general network information is compiled and analyzed, __________
will begin identification of individual system vulnerabilities.

Vulnerability Identification
During this phase, __________ will attempt to associate operating
systems and applications with identified computers on the network. Depending
upon network architecture, this may be accomplished using automated tools, such
as nmap and queso, or using manual techniques, such as telnet, ftp, or sendmail
login banners. Using this information, __________ will create a list
of probable vulnerabilities associated with each potential target system. Also,
at this point, automated scripts will be developed or compiled to attempt
exploitation of vulnerabilities.

Exploitation
During this phase, system and user information will be used to attack the
authentication processes of the target systems. Example attack scenarios in this
phase include, but are not limited to: buffer overflows, application or system
configuration problems, modems, routing issues, DNS attacks, address spoofing,
share access and exploitation of inherent system trust relationships. Potential
vulnerabilities will be systematically tested in the order of penetration and
detection probability as determined by the members of the
penetration testing team. The strength of captured password files will be tested
using password-cracking tools. Individual user account passwords may also be
tested using dictionary-based, automated login scripts. In the event that an
account is compromised, __________ will attempt to elevate privileges
to that of super user, root, or administrator level.

Since the goal of testing is to determine the extent of
vulnerabilities, and not simply penetrate a single site system, information
discovered on one system may be used to gain access to additional systems that
may be "trusted" by the compromised system. Additionally, host-level
vulnerabilities may be exploited to elevate privileges within the compromised
system to install "sniffers" or other utilities. __________ will
insert a small text file at the highest level directory of each compromised
system. In those cases where __________ is unable to gain sufficient
privilege to write to the system, a file will be copied from the system. In
either case, additional files may be copied during testing if further review is
required to determine sensitivity of information contained on the system.
__________ will maintain detailed records of all attempts to exploit
vulnerabilities and activities conducted during the attack phase.

Reporting
__________ will provide an on-site briefing of results. These results
will also be documented in a management level report provided to the site,
Operations Office, and responsible Headquarters Program Offices that will cover
the unannounced penetration testing. Specific details on vulnerabilities will
also be provided to site technical personnel.

SPECIAL CONSIDERATIONS:
__________ will coordinate testing activities with a "trusted
agent" in each organization listed on the performance test agreement as
appropriate. Each organization should identify an individual to be designated
as a trusted agent. More than one trusted agent may be identified at the site;
however, the number should be kept to an absolute minimum. All personnel who
are informed of the testing will maintain strict confidentiality to ensure the
validity of test results.

The Operations Office will coordinate with trusted agents at the site to
identify critical systems that should be excluded from testing activities
(e.g., safety systems, major applications undergoing upgrades or other special
evolutions). Specific network addresses and reasons for exclusion should be
provided as an attachment to the signed performance test.

The Operations Office will identify any systems or network nodes that are
connected to the site network, but are not under the direct control and
responsibility of the site or the cognizant Operations Office. These systems
will be excluded from testing unless __________ obtains permission
from the system owner.

__________ will provide the DOE Computer Incident Advisory
Capability (CIAC) with information regarding the systems used for scanning and
testing activities to ensure that testing activities are not confused with
real attacks.

While __________ will not attempt to exploit "denial of service"
vulnerabilities (unless specifically requested by competent authority) and
every attempt will be made to prevent damage to any information system and the
data it holds, some penetration attempt scenarios have the possibility of
causing service interruption. In the unlikely event that such an event occurs,
__________ will work with the trusted agents at the site to
determine the nature of the problem and restore the system to its desired
state of operation.

All information obtained by __________ will be protected (to the
extent possible) from unauthorized access.

In the event that any site personnel (excluding trusted agents) identify
testing activities, site computer security personnel
should document the detection of activity and take initial actions that would
be taken in the case of a real intrusion, including informing CIAC. If
notified by the site of incidents that correspond with OA penetration testing,
CIAC and the site’s trusted agents will inform the appropriate site computer
security personnel that the activity identified is part of an authorized DOE
test. OA will also be informed of the detection. In these cases, logs or other
evidence of intrusion detection activities should be provided to Independent
Oversight for analysis. __________ testing will then be allowed to
continue as an announced external network security assessment without
blocking, filtering, or restricting access.

It is the site’s responsibility to restore network computer systems to a
secure configuration after testing. Independent
Oversight will coordinate with and provide assistance (as requested) to system
administrators during this period of "cleaning up" network computer systems.
Clean-up may consist of removing added programs and files, identifying systems
whose password files were compromised, and restoring systems to a secure
configuration so that no systems are left in a compromised condition.

As evidenced by their signature on this performance test agreement, Operations
Office and site contractor representatives certify that the Department’s
Banner and Warning Policy has been implemented at the site and network
computer users have, as a result, granted constructive consent to this type of
activity.


APPROVALS:

______________________________________________________________
Director, Office of Cyber Security and Special Reviews

______________________________________________________________
Office of Chief Information Officer Representative

______________________________________________________________
Lead Program Secretarial Office Representative

______________________________________________________________
Operations Office Representative

______________________________________________________________
Site Contractor Representative
