This practical workshop supplements the presentation I gave at the 16th Conference (2003) of the German Oracle User Group in Mannheim [DOAG]. Whereas the presentation gives an overview of penetration tests with open source tools, this workshop provides interested administrators with more in-depth technical information.
The examples in this workshop are all based on a default installation of the Oracle Collaboration Suite (OCS), version 9.0.4.1. No firewall was actively engaged during testing. I also did not install any security patches or take any other action to improve the security of OCS.
Is this a realistic showcase for penetration tests? My answer is yes and no.
No, because it is not a typical hacker scenario, where people have to worry about firewalls or intrusion detection systems and how to get past them. This workshop also does not cover operating system security. So if you are a security consultant, you are right: it is unrealistic, because it is not a real-life scenario you would normally have to deal with.
Yes, because this workshop is aimed at the average system administrator who has to deal with a complex software installation and maybe has no clue about what he is actually doing (like me - I haven't read all the OCS documents :-) ). In my opinion, open source tools in particular can give sysadmins a different view of a software installation, so these tools are a good means of quality assurance for their daily work. That's the main point behind my presentation.
I hope you have some fun going through this tiny workshop. If you have any remarks or questions about it, feel free to contact me.
In the past, Oracle administrators had just a few TCP/IP ports to take care of (e.g. the Oracle Listener). Oracle has since developed countless new products, so administrators now have to deal with much more than just the Oracle Listener.
I have chosen the Oracle Collaboration Suite for this workshop. OCS is based on the Oracle 9i Application Server and it is one of the more complex products from Oracle. It is normally installed on two or more computer nodes and you have to deal with many components interacting with each other.
OCS was installed in a single node configuration on one server using default values. The network for the examples consisted of two TCP/IP subnets, 192.168.74.0/24 for OCS (OCS-Server IP: 192.168.74.10) and a client subnet 192.168.1.0/24 (Attack-Client IP: 192.168.1.70). Both networks are connected to each other using a firewall acting as a router (Rule set Any - Any).
The graphic shows that penetration testing in general can be divided into 4 steps. First we gather information about the target, then we proceed to look for possible vulnerabilities. This step normally involves the use of security scanners (like Nessus [Nessus]). The scan results need to be analyzed and checked afterwards - that's step 3. Finally, you can start to look for new vulnerabilities. One way to do that is called fuzzing, which includes things you may know better, like SQL injection or buffer overflows.
If you are interested in learning more about the methodologies and theories behind IT security and penetration testing, the BSI IT Baseline Protection Manual [GSHB] and the ISECOM Open Source Security Testing Methodology Manual [OSSTMM] are good online resources.