Penetration Testing with Kali Linux OffSec


Date: 21.12.2023
PEN-200

critical component of cybersecurity. 
Another important aspect of security is that it usually involves reasoning under uncertainty. 
Although we have plenty of deductive skills, we are by no means mentally omniscient. We cannot 
determine everything that follows from a given truth, and we cannot know or remember an infinite 
number of facts. 
Consider how a game like chess is different from a game like poker. In chess, you know 
everything that your opponent does about the game state (and vice versa). You may not know 
what they are thinking, but you can make predictions about their next move based on the exact 
same information that they are using to determine it. Playing poker, however, you do not have all 
of the information that your opponent possesses, so you must make predictions based on 
incomplete data. 
When considering the mental perspectives of attackers and defenders, information security is a 
lot closer to poker than chess. For example, when we simulate an attack, we will never know 
everything there is to know about the machine/system/network/organization we are targeting. 
We therefore must make assumptions and estimate probabilities - sometimes implicitly and 
sometimes explicitly. Conversely, as the defender, we will not be aware of every potential attack 
vector or vulnerability we might be exposed to. We therefore need to hedge our bets and make 
sure that our attack surfaces that are most likely to be vulnerable are adequately protected. 
The problem of the intelligent adversary and the problem of uncertainty both suggest that 
understanding cybersecurity necessitates learning more about how we think as human agents, 
and how to solve problems. This means we’ll need to adopt and nurture specific mindsets that 
will help us as we learn and apply our skills. 
3.1.2 A Word on Mindsets 
Security is not only about understanding technology and code, but also about understanding your 
own mind and that of your adversary. We tend to think of a mindset as a set of beliefs that inform 
our personal perspective on something. 
Two contrasting examples of well-known mindsets are the fixed mindset and the growth mindset. 
An individual with a fixed mindset believes that their skill/talent/capacity to learn is what it is, and 
that there is no gain to be made by trying to improve. On the other hand, a growth mindset 
encourages the belief that mental ability is flexible and adaptable, and that one can grow their 
capacity to learn over time. 
Research suggests that, for example, a mindset in which we believe ourselves capable of 
recovering from a mistake [18] makes us measurably better at doing so. This is just one aspect of 
the growth mindset, but it’s an important one, since security requires us to make mistakes and 
learn from them - to be constantly learning and re-evaluating. 
[18] (APS, 2011), https://www.psychologicalscience.org/news/releases/how-the-brain-reacts-to-mistakes.html 


Penetration Testing with Kali Linux
PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 
Another extremely valuable mindset is the aptly-coined security mindset. Proposed by security 
researcher Bruce Schneier, [19] this mindset encourages a constant questioning of how one can 
attack (or defend) a system. If we can begin to ask this question automatically when 
encountering a novel idea, machine, system, network, or object, we can start noticing a wide array 
of recurring patterns. 
At OffSec, we encourage learners to adopt the Try Harder [20] mindset. To better understand this 
mindset, let’s quickly consider two potential perspectives in a moment of “failure.” 
1. If my attack or defense fails, it represents a truth about my current 
   skills/processes/configurations/approach as much as it is a truth about the system. 
2. If my attack or defense fails, this allows me to learn something new, change my approach, 
   and do something differently. 
These two perspectives help provide someone with the mental fortitude to make mistakes and 
learn from them, which is absolutely essential in any cybersecurity sub-field. More information 
about how to learn and the Try Harder mindset can be found in the “Effective Learning Strategies” 
Module that is part of this introductory Learning Path. 
3.1.3 On Emulating the Minds of our Opponents 
It’s worth pausing to consider the particular attention that we will give to the offensive [21] side of 
security, even in many of our defensive courses and Modules. One might wonder why a 
cybersecurity professional whose primary interest and goal is defending a network, organization, 
or government should also learn offense. 
Let’s take the analogy of a medieval monarch building a castle. If the monarch learns that their 
enemy has catapults capable of hurling large boulders, they might design their castle to have 
thicker walls. Similarly, if their enemy is equipped with ladders, the monarch might give their 
troops tools to push the ladders off the walls. 
The more this monarch knows about their would-be attacker and the more they can think like an 
attacker, the better defense they can build. The monarch might engage in “offensive” types of 
activities or audits to understand the gaps in their own defenses. For example, they could conduct 
“war-games” where they direct their own soldiers to mock-battle each other, helping them fully 
understand the capabilities and destructive potential of a real attacker. 
In cybersecurity, enterprises might hire an individual or a firm to perform a penetration test - also 
known as a pentest. A penetration tester takes on the role of an attacker to better understand the 
system’s vulnerabilities and exposed weaknesses. Leveraging the skill-sets and mindsets of an 
attacker allows us to better answer questions like “How might an attacker gain access?”, “What 
can they do with that access?”, and “What are the worst possible outcomes from an attack?”. 
While learning hacking skills is (of course) essential for aspiring penetration testers, we also 
believe that defenders, system administrators, and developers will greatly benefit from at least a 
cursory education in offensive techniques and technologies as well. 
[19] (Schneier, 2008), https://www.schneier.com/blog/archives/2008/03/the_security_mi_1.html 
[20] (OffSec, 2021), https://www.offsec.com/offsec/what-it-means-to-try-harder/ 
[21] (Kranch, 2019), https://mjkranch.com/2019/02/why_we_should_teach_offense_first/ 


Conversely, it’s been our experience that many of the best penetration testers and web 
application hackers are those who have had extensive exposure to defending networks, building 
web applications, or administrating systems. 
3.2 Threats and Threat Actors 
This Learning Unit covers the following Learning Objectives: 
- Understand how attackers and defenders learn from each other 
- Understand the differences between risks, threats, vulnerabilities, and exploits 
- List and describe different classes of threat actors 
- Recognize some recent cybersecurity attacks 
- Learn how malicious attacks and threats can impact an organization and individuals 
The term cybersecurity came to mainstream use from a military origin. For clarity, we’ll use 
cybersecurity to describe the protection of access and information specifically on the Internet or 
other digital networks. While included within the broader context of cybersecurity, information 
security also examines the protection of physical information-storing assets, such as physical 
servers or vaults. 
As we explore various threats and threat actors throughout this Module, we’ll mainly consider 
their online capabilities. Therefore, we’ll generally use the term cybersecurity here, but won’t be 
too concerned about using information security as a synonym. 
3.2.1 The Evolution of Attack and Defense 
Cybersecurity can be especially fascinating because it involves multiple agents trying to achieve 
mutually exclusive outcomes. In the most basic example, a defender wants to control access to 
an asset they own, and an attacker wants to gain control over the same asset. This is interesting 
because both roles, defender and attacker, subsist on the continued persistence of the other. In 