Results 1 to 4 of 4

Thread: exploit2hardening cross reference

  1. #1
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    9

    Default exploit2hardening cross reference

    I've been looking for a chart that cross references exploits or known hacker tools with mitigatory solutions. Does anyone know of such a thing?

    Something like

    Exploit "X" - prevented by patching "Y" technology

    Or privilege escalation tool "A" - mitigated by locking down null sessions, etc etc

    Ideally the solutions portion would provide information for multiple OS's, and the exploits column would list which systems were vulnerable

    Usually I already know how to lock something down, but periodically I run into something that worked to gain access to a system and when I am writing the report I have to scratch my head for a bit and do a lot of research to figure out how I could lock it down. It would also be helpful when writing standard build documents to be able to identify plausible threats within your environment.

  2. #2
    Junior Member tek911's Avatar
    Join Date
    Jan 2010
    Posts
    59

    Default Tall order, tex

    Well, thats a semi-tall order. Theres no magical diagram out there right now. Closest thing I could point you to would be bugtraq
    (http://www.securityfocus.com/bid).

    As far as other things like this attack is mitigated by that....due to the open ended nature of pretty much anything being fair game to being a victim of being exploited that too might not be around.

    Do you do risk assessments for management or something? Whats your target audience because it sounds like management in which case you only need the internet cloud with a line to the bad hacker computer and the line to your network. Save you some time.

    Oh and if you are in the "paper, pencil pusher" section of a security department please dont use mitagatory ever again. Ever.

  3. #3
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    9

    Default

    I'm an Incident Handler/Auditor/Disaster Preparedness and Testing guy/First Responder (ICS)/Security Admin (firewalls, av server, etc) and all around consultant on all things IT and/or Security for the 11 IT Directors in my 10 county region for a rather largish state agency. So no, I'm not just a paper pusher, but I do write my share of reports; risk assessments/IT audits, technology implementation review documentation, governance reporting, disaster recovery testing reports, incident reports, etc and do some independent testing on the side.

    I am familiar with Bugtraq and realize that there are always multiple ways to skin a cat, but I was hoping there was possibly a resource out there I had missed somewhere.

    The target audience is management for the business unit being audited, however our reports usually wind up being a guidance documentation for the tech folks so we have the management summary up front with all the pretty pictures, and the technical stuff in the back with the legislative appendices, where nobody ever looks.

  4. #4
    Senior Member ShadowKill's Avatar
    Join Date
    Dec 2007
    Posts
    908

    Default

    I recommend taking a look at the CBT Nugget course regarding Ethical Hacking (see Penetration Testers documentation). That will shed a lot of light on how to reproduce the necessary information on a level that your audience with both understand and appreciate. There's nothing like telling a manager his employees are SSH-tunneling from the internal network to their box at home and bypassing their newly instated universal password system with XSS attacks and intuitive SQL injection techniques, only to have him/her keel over from a massive brain hemorrhage. Now, you and I might understand all of that, but you do want to provide the attack/remediation information on a semi-dumbed down level, while still retaining the professional presentation that will keep you in that manager's fancy rolodex for future reference/work.

    Just my 0.02p



    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •