APPLICATIONS
• Applications can open a system up to a plethora of
vulnerabilities.
• During a penetration test, three main types of applications are
assessed for the level of threat they expose the organization
to: Web, distributed, and customer applications.
• WEB APPLICATIONS
• Example of a web application
• Popular applications include Google Apps and Microsoft 365.
Google Apps for Work has Gmail, Google Docs, Google Sheets,
Google Slides, online storage and more. Other functionalities
include online sharing of documents and calendars.
• Three popular Web server applications used in many
companies today are Apache, IIS, and iPlanet.
• What is Apache Web Server?
• Apache HTTP Server is a free and open-source web server
that delivers web content through the internet.
• It is commonly referred to as Apache and after development,
it quickly became the most popular HTTP client on the web.
• Apache functions as a way to communicate over networks
from client to server using the TCP/IP protocol. Apache can
be used for a wide variety of protocols, but the most
common is HTTP/S. HTTP/S or Hyper Text Transfer Protocol (S
stands for Secure) is one of the main protocols on the web,
and the one protocol Apache is most known for.
• What Is an IIS (Internet Information Services) Web Server?
• enables several key advantages over previous versions of IIS:
• Secure the server by reducing the attack surface area. Reducing surface area is
one of the most powerful ways to secure a server system. With IIS, you can
remove all unused server features, achieving the minimum surface area possible
while preserving the functionality of your application.
• Improve performance and reduce memory footprint. By removing unused server
features, you can also reduce the amount of memory the server uses, and
improve performance by reducing the amount of feature code that executes on
every request to your application.
• Build custom / specialized servers. By selecting a particular set of server features,
you can build custom servers that are optimized for performing a specific function
within your application topology, such as edge caching or load balancing. You can
add custom features to extend or replace any existing functionality using your
own or third party server components built on the new extensibility APIs.
• What Is an iPlanet Web Server?
• iPlanet Web Server is an extremely powerful multi-
process, multi-threaded, secure web server built on
open standards that enables your business
enterprise to seamlessly integrate with other
internal and external systems.
• By providing high performance, reliability, scalability,
and manageability, iPlanet Web Server solves the
business-critical needs of your web site, regardless of
the size of your enterprise.
• DISTRIBUTED APPLICATIONS
• Distributed applications (distributed apps) are applications or software
that run on multiple computers within a network at the same time and
can be stored on servers or cloud computing platforms. Unlike
traditional applications that run on a single system, distributed
applications run on multiple systems simultaneously.
• Distributed apps can communicate with multiple servers or devices on
the same network from any geographical location. The distributed
nature of the applications refers to data being spread out over more
than one computer in a network.
• One example of a distributed application is an e-commerce platform
that distributes different functions of the application to different
computers in its network. The servers or computers host different
functions, such as the following: Accept payment from customers at
checkout.
• Customer applications
• We are able to satisfy all special wishes of our customers. We prepare
customer applications according to individual requirements either
through the modification of an existing product, or by the development
of an entirely new customer application.
Examples of implemented customer applications:
- booking of a parking space via the internet
- selling of parking cards via the internet
- central control and monitoring of the occupancy of car park network
- special applications for the check-in of lorries in the area of the selling
of loose materials
- applications for ticketing systems
- mobile payments
WARDIALING
• What is War Dialing?
• War dialing is a technique to automatically scan a list of telephone
numbers, usually dialing every number in a local area code to search
for modems, computers, bulletin board systems (computer servers)
and fax machines.
• Hackers use the resulting lists for various purposes: hobbyists for
exploration, and crackers—malicious hackers who specialize in
breaching computer security—for guessing user accounts (by
capturing voicemail greetings), or locating modems that might
provide an entry-point into computer or other electronic systems.
• It may also be used by security personnel, for example, to detect
unauthorized devices, such as modems or faxes, on a company's
telephone network.
• Wardialing tests are predominantly performed in stages that are used to
reduce the number of valid phone numbers and isolate target systems.
Steps can include the following:
• Number Scanning.
• The first step is to determine which telephone numbers are connected to
computers, fax machines, modems, or simply do not answer. Usually,
these numbers are logged as one of these systems and busy signals are
retried until an answer is received or the preconfigured number of tries is
exceeded.
• System Type Scanning.
• Once all the different systems are identified they are categorized and the
investigative process is focused on specific numbers. For example, the
tool may have discovered 37 fax machines in the pool of phone numbers,
6 of which are fax modems that may be able to provide terminal access if
the tool can negotiate a modem protocol rather than a fax protocol.
• Banner Collection. For every number that answered with a
modem tone, there is the possibility that the system will provide
a banner communicating the type of system and status.
• Default Access. There are some situations where the system is
configured to allow access simply based on a username or group
name without a password. This is sometimes used to
accommodate maintenance access or poorly configured systems.
• Brute Force. When a username and password combination is
required, this is the act of testing as many passwords as possible.
Typically this is supported by a collection of commonly used
passwords passed to the remote system sequentially until one of
them works.
SERVICES AND AREAS OF CONCERN
• There are many opportunities for hackers to infiltrate
your networks and systems by leveraging weaknesses in
applications, operating systems, and services.
• Services Started by Default
• Many operating systems install and start unnecessary
services by default. Although these services do serve a
purpose, most are not needed for the system and
applications to function properly. These services include
sendmail, savecore, rpcbind, FTP, telnet for UNIX, and
Internet Information Server (IIS) for Windows
NT/2000/XP.
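A defender can check a host for the network services named above by auditing its listening sockets. The following is an added example, not part of the original slides: the function names and the sample `ss -tln` output are constructed for illustration, and savecore is left out because it is not a network listener.

```python
import ipaddress

# Well-known TCP ports of the default services named on the slide.
DEFAULT_SERVICES = {21: "ftp", 23: "telnet", 25: "sendmail (smtp)", 111: "rpcbind"}

# Constructed sample in the column layout of `ss -tln` (not from a real host).
SAMPLE_SS = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*
LISTEN  0       100     127.0.0.1:25         0.0.0.0:*
LISTEN  0       32      0.0.0.0:21           0.0.0.0:*
LISTEN  0       128     [::]:111             [::]:*
LISTEN  0       5       192.0.2.10:23        0.0.0.0:*
LISTEN  0       511     *:80                 *:*
"""

def exposure(addr):
    """Classify a bind address as 'loopback' (local only) or 'network'."""
    host = addr.strip("[]").split("%", 1)[0]  # drop IPv6 brackets and %iface scope
    if host == "*":
        return "network"
    return "loopback" if ipaddress.ip_address(host).is_loopback else "network"

def audit_listeners(ss_output):
    """Return sorted (port, service, exposure) for listening default services."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # header line or a socket in another state
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit() and int(port) in DEFAULT_SERVICES:
            findings.append((int(port), DEFAULT_SERVICES[int(port)], exposure(addr)))
    return sorted(findings)

if __name__ == "__main__":
    for port, service, scope in audit_listeners(SAMPLE_SS):
        print(f"{service:16} tcp/{port:<4} reachable from: {scope}")
```

A service bound only to loopback is a lower priority than one reachable from the network, but either is a candidate for being disabled if nothing on the host needs it.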
• WINDOWS PORTS
• Microsoft Windows allows systems to share files or folders across the network using Windows
network shares. The Server Message Block (SMB) and the Common Internet File System (CIFS)
protocols are the mechanisms that permit a system to modify remote files as if they were
locally stored.
• Operating System – Services
• An Operating System provides services to both the users and to the programs.
• It provides programs an environment to execute.
• It provides users the services to execute the programs in a convenient manner.
• Following are a few common services provided by an operating system −
• Program execution
• I/O operations
• File System manipulation
• Communication
• Error Detection
• Resource Allocation
• Protection
• What is Remote Procedure Call (RPC)?
• Remote Procedure Call is a software communication protocol that one
program can use to request a service from a program located in
another computer on a network without having to understand the
network's details. RPC is used to call other processes on the remote
systems like a local system. A procedure call is also sometimes known
as a function call or a subroutine call.
• RPC uses the client-server model. The requesting program is
a client, and the service-providing program is the server. Like a local
procedure call, an RPC is a synchronous operation requiring the
requesting program to be suspended until the results of the remote
procedure are returned. However, the use of lightweight
processes or threads that share the same address space enables
multiple RPCs to be performed concurrently.
• SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP)
• The Simple Network Management Protocol is used extensively in all
organizations to remotely monitor and configure almost all types of TCP/IP-
enabled devices. SNMP communication consists of exchanged messages
between the management systems and the devices that run the SNMP agent.
Both the method by which the messages are handled and the authentication
mechanism have significant exploits associated with them.
• BERKELEY INTERNET NAME DOMAIN (BIND)
• Berkeley Internet Name Domain (BIND) is the most commonly used DNS
service on the Internet, especially on Unix-like systems.
• It is a very popular and common target for attacks because it is the most
widely distributed DNS software and the servers running BIND are usually
accessible from the Internet. Moreover, it does not help that a new
vulnerability is exposed every three or four months, offering yet another form
of access to attackers.
• COMMON GATEWAY INTERFACE (CGI)
• CGI scripts are used by Web servers as a means of
collecting Web user information, executing programs,
and providing access to files requested by users of the Web
site. CGI programs normally run with the same permissions
as the Web server software.
• NETWORK FILE SYSTEM (NFS)
• UNIX systems utilize NFS to share files, directories, and
drives across the network. NFS is insecure in its default
state. Most administrators allow read and write access to
everyone rather than narrow down the list to a select few.
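The over-broad NFS sharing described above can be found by auditing the server's export list. The following is an added example, not part of the original slides: it assumes the Linux /etc/exports syntax, the function name and both sample files are constructed, and quoted paths containing spaces are not handled.

```python
import re

# Constructed sample /etc/exports content (not taken from any real system).
SAMPLE_EXPORTS = """\
# path        client(options)
/srv/public   *(rw,sync)
/srv/projects 10.0.5.0/24(rw,sync,root_squash) backup01.example.internal(ro)
/home         admin01.example.internal (rw,no_root_squash)
/srv/iso      (ro)
/srv/scratch  build*.example.internal(rw,no_root_squash)
"""

# The same idea with the client list narrowed down (also constructed).
HARDENED_EXPORTS = """\
/srv/public   10.0.5.0/24(ro,sync,root_squash)
/home         admin01.example.internal(rw,sync,root_squash)
"""

# One whitespace-separated token: optional client, optional "(options)".
ENTRY = re.compile(r"([^\s()]*)(?:\(([^)]*)\))?")

def audit_exports(text):
    """Return sorted (path, client, issue) tuples for risky export entries."""
    findings = set()
    for raw in text.replace("\\\n", " ").splitlines():  # join continued lines
        line = raw.split("#", 1)[0].strip()             # drop comments
        if not line:
            continue
        path, *clients = line.split()
        for token in clients:
            m = ENTRY.fullmatch(token)
            if not m:
                continue
            # A bare "(opts)" token, e.g. after a stray space, applies to everyone.
            client = m.group(1) or "*"
            opts = set((m.group(2) or "").split(","))
            if client == "*":
                issue = "rw-to-everyone" if "rw" in opts else "ro-to-everyone"
                findings.add((path, client, issue))
            if "no_root_squash" in opts:
                findings.add((path, client, "no_root_squash"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_exports(SAMPLE_EXPORTS):
        print(*finding)
```

The /home line shows a common mistake: the space before the parenthesis gives admin01 only the default options, while the read-write and no_root_squash options apply to every host.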
• DOMAIN NAME SERVICE (DNS)
• DNS does the name resolution portion of BIND. It translates a
domain name into an IP address and vice versa. Applications
use DNS exclusively to look up address information when they
need to send information over the Internet. Without DNS,
users would have to know the exact IP address every time
they wanted to surf the Web or send an e-mail. DNS is critical
to the Internet.
• FTP AND TELNET
• Besides these two services sending information in clear text,
they are vulnerable to other attacks as well: buffer overflows
and brute force password attacks to name just two. System
administrators need to ensure the latest patches have been
applied to those systems running these services.