/ ECSA / LPT EC Council M d l XXXVI EC - Council M o d u l e XXXVI File Integrity Checking Penetration Testing Roadmap Start Here Information Vulnerability External Gathering Analysis Penetration Testing Router and Internal Firewall Penetration Testing Router and Switches Penetration Testing Internal Network Penetration Testing IDS Penetration Testing Wireless Network Penetration Testing Denial of Service Penetration Testing Password Cracking Stolen Laptop, PDAs and Cell Phones Social Engineering Application Cont’d EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Penetration Testing Penetration Testin g Penetration Testing Penetration Testing Penetration Testing Roadmap (cont ’ d) (cont d) Cont’d Physical Database VoIP Security Penetration Testing Penetration testing Penetration Testing Virus and Trojan Detection War Dialing VPN Penetration Testing Log Management Penetration Testing File Integrity Checking Blue Tooth and Hand held Device Penetration Testin g g Telecommunication And Broadband Email Security Penetration Testing Security Patches Data Leakage PiTi End Here EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Communication Penetration Testing Penetration Testing Patches Penetration Testing P enetrat i on T est i n g File Integrity • Whether the file is same as the original fil File integrity checks: fil e. • For any modification in the file. File integrity can be • Faulty storage media. File integrity can be compromised due to: • Transmission errors. • Committing errors during copying or moving. • Software bugs viruses etc EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited • Software bugs , viruses , etc . Integrity Checking Techniques Comparing two files bit-by-bit: • It requires two copies of the same file (not used normally). CRC bd i i hki • The Cyclic Redundancy Check (CRC) function takes input data stream of any length and produces an output value of a certain fixed size CRC - b ase d i ntegr i ty c h ec ki ng: value of a certain fixed size . • It is used for detecting common errors caused by noise in transmission channels by comparing the file's CRC value to a previously calculated value. • Hash-based verification ensures that a file has not been d i l d b i h fil ' h h Hash-based integrity checking: EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited corrupte d or man i pu l ate d b y compar i ng t h e fil e ' s h as h value to a previously calculated value. Steps for Checking File Integrity 1 • Check while you unzip the file 2 • Check for CRC value integrity checking • Check for hash value inte g rit y checkin g 3 gy g EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Step 1: Check While you Unzip the File the File If y ou have the zi p file , unzi p it. yp,p If it is not getting unzipped, then file may be corrupted. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Step 2: Check for CRC Value Integrity Checking Integrity Checking Compute the CRC value of the file. Compare the CRC value of the downloaded file with the given CRC value. In Linux: • Change the directory into the folder where the target files to be checked are placed. • Type command crc32 ‘your_filename’ and press enter, which displays: displays: •Crc32. • Filename with crc value. • Compare the computed CRC value and the one displayed with the fil EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited fil ename. CRC Checking in Windows Cyclic Redundancy Check (CRC) of files is available with the Windows Cyclic Redundancy Check (CRC) of files is available with the Windows installer. After the Windows installer finishes copying a file, it gets a CRC value from both the source and the destination files. The installer checks the original CRC stamped into the file and compares this to the CRC calculated from the copy. If b th th l f CRC diff t th fil b t d EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited If b o th th e va l ues o f CRC are diff eren t , th en fil e may b e corrup t e d . Step 3: Check for Hash Value Integrity Checking Integrity Checking Ste p 1: Get the file and p reviousl y calculated hash ppy value for the file Step 2: Generate a new hash value for the file Step 3: Match the old and new hash values EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited [...]... Summary File integrity checks if the file is same as the original file and if there are any modifications in the file Cyclic Redundancy Check (CRC) function takes input data stream of any length and produces an output value of a certain fi d size l h d d l f i fixed i Hash-based H h b d verification ensures th t a fil h not b ifi ti that file has t been corrupted or t d manipulated by comparing the file' s...Step 3.1: Get the File and Previously Calculated Hash Value for the File Compute the hash value of the file before sending to anyone Use different hash value creating tools such as md5sum and PasswordZilla EC-Council Copyright © by EC-Council All Rights Reserved Reproduction is Strictly Prohibited Step 3.2: Generate a New Hash Value for the File Use the different hash value creating... corrupted or safe If these values are not matching, it means the file is corrupted matching corrupted EC-Council Copyright © by EC-Council All Rights Reserved Reproduction is Strictly Prohibited File Integrity Checking Tools Cfv: • http://cfv.sourceforge.net/ Cksum: • http://www.mkssoftware.com/docs/man1/cksum.1.asp DySFV: • www.tteknik.nu/starzinger/DySFV/ FastSum: F S • www.fastsum.com/ f / FlashSFV:... http://trvx.com/flashsfv/ FSUM: HashCalc: EC-Council • http://www.slavasoft.com/fsum/ • http://www.slavasoft.com/hashcalc/ Copyright © by EC-Council All Rights Reserved Reproduction is Strictly Prohibited File Integrity Checking Tools (cont d) (cont’d) jHashCalc: • http://jpassgen.sourceforge.net/jhashcalc.jnlp Jacksum: • http://sourceforge.net/projects/jacksum/ Md5sum: • http://www linuxmanpages com/man1/md5sum... create the hash value for the downloaded file EC-Council Copyright © by EC-Council All Rights Reserved Reproduction is Strictly Prohibited Step 3.3: Match the Old and New Hash Values Match the o d a d new hash values in o de to c ec whether t e file is atc t e old and e as a ues order check et e the e s corrupted or safe If these values are not matching, it means the file is corrupted matching corrupted . T est i n g File Integrity • Whether the file is same as the original fil File integrity checks: fil e. • For any modification in the file. File integrity can be • Faulty storage media. File integrity. for Hash Value Integrity Checking Integrity Checking Ste p 1: Get the file and p reviousl y calculated hash ppy value for the file Step 2: Generate a new hash value for the file Step 3: Match. Prohibited Step 2: Check for CRC Value Integrity Checking Integrity Checking Compute the CRC value of the file. Compare the CRC value of the downloaded file with the given CRC value. In Linux: •