Penetration Testing Approach.

Introduction

Computer software and operating systems as sophisticated and effective as they may be, always possess certain vulnerabilities that limit their efficient operations at all times. Kasperskey Lab (2013) point out that these vulnerabilities might be caused by program errors or intended features that allow other programs and viruses to access and take control of the device, this report specifically looks to highlight some of these vulnerabilities especially with consideration of an earlier version of Microsoft operating system, Windows XP. Some of the vulnerabilities of windows XP to be highlighted and investigated include: including: Windows and Help Support centre as well as File Sharing Vulnerability. In order to assess these types of vulnerabilities in my computer network system I will utilize the Vulnerability assessment and Penetration testing (VAPT) process. This process will be followed using the 6 steps highlighted by Beaver (2008) including: setting of goals and objectives of the test, defining the scope of the test, gathering information as regards IT environments after which a vulnerability detection will be done using vulnerability scanners and finally develop and analysis and planning of their solution.

Research into OS Vulnerabilities

One of the most common Operating System is the Microsoft Windows which gets upgraded on a fairly regular basis and as such, most of the vulnerabilities in previous versions are almost always guaranteed to be solved in the latter upgraded versions. This test will however focus on a much earlier version of the operating System Windows XP highlighting vulnerabilities such as File Sharing Vulnerability and Windows and Help Support centre vulnerability among others, most of which provides a way through the firewall for intrusions and hackers. Different patches have been released by the developers of the OS, Microsoft that are capable of fixing any of these vulnerabilities whenever detected to enable the maximum protection of one’s devices and network systems. However vulnerabilities of the operating system discovered after 2014 have not been serviced and may lead to attacks.

Vulnerability Test Rationale

The vulnerability test intended for use include the Vulnerability assessment and Penetration Testing (VAPT) process which enables the use of a device through collection of information and actual vulnerability testing using scanners. According to Veracode (2019) VAPT enables a more comprehensive network evaluation giving an organization or individual a more detailed view of all the threats and potential threats to a computer system whether internal and/ or external networks as well. This is crucial in ensuring the safety of the computer system and making it free from attacks that may lead to loss of information, control of system by external hackers as well as theft and manipulation of data and information.

Methodology

The VAPT test was carried out using the 5 steps highlighted by Guru99 (2019) including the definition of the goals and objectives which included ensuring the safety of my personal computer system from external hackers and intrusions. Definition of the scope which involved both the internal and external systems and network connection between my home and work systems, gathering of information on the Windows operating system and the infrastructure and network connection that I used as well as carrying out the actual vulnerability detection test using the Intruder Vulnerability scanner. The scanned information was then analyzed in line with the information collected and adequate fixes taken up to ensure the maximum protection of the computer systems.

Findings

The Vulnerability Assessment Identified two different types of vulnerabilities in my operating system including: File Sharing Vulnerability and Windows and Help Support centre

File Sharing Vulnerability This vulnerability became rampant in 2017 when countless organizations around the world were attacked with ransom ware strains including WannaCrypt, WanaDecrypt and Wanna.cry which attacks and encrypts a victims documents, images, music and other files unless the victim pays a ransom (Krebs, 2017). The vulnerability originates from the sharing of files using different applications exposing the system to attack.

The vulnerability can adversely impact to total control of a computer system by a hacker and denying the user access for the purposes of ransom. In the process it could also lead to data manipulation or stealing of integral information. There is a high likelihood of the vulnerability to be exploited given the high rate at which individuals share files on the virtual machine platforms. In the current technologically enhanced error sharing conent is a key process in a wide range of individuals’ daily activities thereby opening a wide number of windows for attack by hackers and intruders to these systems. Windows and Help Support Centre

Based on Apex (2019), windows XP exhibits vulnerability in the windows and Help support centre which can potentially allow a remote hacker to take total control over a victim’s machine. Through using the help and support centre on windows XP a vulnerability is open with which can cause an attack to the system security. Features within the Help Centre that allow administrator to remotely log onto their machines create the flaw and expose it for detection and exploitation by hackers and intruders who can manipulate the users data at will and use it to their advantage.

While being able to log into ones system remotely is quite convenient especially for people on the move, and in the use of virtual machines, logging into the same account from multiple devices increases the risk of exposure and thus creates a vulnerability that can be exploited. The likely hood of occurrence of this vulnerability is limited however due to the lack of many individuals who use of more than one device. In addition the possibility of using more than one device is extremely low and as such most users rarely use the Help Centre making the likelihood of its exploitation quite limited. Eventually therefore the vulnerability despite having several established patches for cutting out the vulnerability is quite limited in risk leading to an actual attack on a computer system.

Security Vulnerability in Virtual Machines

Despite not using cloud systems or virtual machines often, one of the vulnerabilities with the use of Virtual Machines includes the security standards. The virtual system is increasingly replacing computer hardware and making access to information quite easy from whichever geographical location. In fact Hyde (2009) points out that VMs have better security models than traditional machines due to provision of an additional layer of security in hardware abstraction and isolation. However, the new VM model requires adaptation of existing security models which cannot currently keep up with the ease of creating new VMs with a variety of configurations and lifecycles

Overall Risk Assessment

Regardless of the kinds of vulnerabilities and risks detected by the VAPT test, it is clear that vulnerability testing is and should be a regular undertaking to ensure the avoidance of hacking or intrusion that may impact the system. Most of these vulnerabilities are caused by negligence of users in installation of protective firewalls and antivirus or antispyware as well as regular updates that lead to, missing patches which impact computer and system vulnerabilities. As such regular vulnerability assessment and fixes enable the maintenance of the system and its adequate protection from intruders and hackers.

Recommendation

Based on the findings, two major causes of computer vulnerabilities were identified, including: negligence and lack of installation of appropriate protection software as well as use of ineffective patches and counterfeit updates. As such three major recommendations are made which include: Ensuring timely installation of security software such as antivirus and antispyware to be able to detect intrusion and malware and enable the timely fixing and handling of these vulnerabilities in order to prevent extensive impact on the devise or systems. Regular assessment of these security software to ensure they are up to date and properly functioning so as to enable protection of device and system is also recommended as well as a timely installation of any upgrades and patches from approved product vendors and developers. This prevents the use of counterfeit patches and exposing the device or system to vulnerabilities and attacks from hackers.

Continue your journey with our comprehensive guide to Patient Safety Incident Involving a Student Midwife.

References

• Beaver K. (2008). The 10 most common Windows security vulnerabilities. Available at:
• Gman (2017). Top Windows 10 OS Vulnerabilities and How to Fix Them [Guidelines]. [online] comodo.com.
• Guru99 (2019). What is Vulnerability Assessment? Testing Process, VAPT scan tool. [online] guru99.com.
• Hyde, D. (2009). A Survey on the Security of Virtual Machines. [online] Cse.wustl.edu. Available at: Kaspersky Lab (2013). Operating System Vulnerabilities and Malware Implementation Techniques. [online] kaspersky.co.uk. Available at:
• Rouse M. (2018). Software Patch/fix. [online] techtarget.com. Available at:
• Shinder D. (2015). Patch or Not? Weighing the Risks of Immediate Updating. [online] techgenix.com. Available at
• Veracode (2019). Vulnerability Assessment and Penetration Testing. [online]. Veracode.com.