1
00:00:15,700 --> 00:00:22,690
In the last lecture, we saw different types of attacks on the servers. In this lecture, we will discuss

2
00:00:22,850 --> 00:00:24,490
web server pen testing.

3
00:00:26,180 --> 00:00:32,370
Web server pen testing is used to identify, analyze and report vulnerabilities such as authentication

4
00:00:32,420 --> 00:00:38,710
weaknesses, configuration errors, protocol-related vulnerabilities and many more in a web server.

5
00:00:39,350 --> 00:00:46,100
The best way to perform testing is to conduct a series of methodical and repeatable tests and to work

6
00:00:46,100 --> 00:00:49,350
through all of the different applications to find the vulnerabilities.

7
00:00:50,180 --> 00:00:52,480
So why is pen testing important?

8
00:00:53,500 --> 00:00:59,680
It helps us to detect the vulnerabilities or verify the vulnerabilities, to exploit the vulnerability

9
00:00:59,680 --> 00:01:06,520
in order to test and fix the issue, remediation of vulnerabilities, to retest the solution against

10
00:01:06,520 --> 00:01:14,760
vulnerability, to ensure that it is completely secure and identification of the infrastructure to identify

11
00:01:14,770 --> 00:01:17,840
make, version and update levels of the servers.

12
00:01:18,340 --> 00:01:23,360
This helps in selecting exploits to test for associated vulnerabilities.

13
00:01:23,860 --> 00:01:27,820
So let's start with testing on web servers.

14
00:01:28,890 --> 00:01:35,110
Web server pen testing starts with collecting as much information as possible about an organization

15
00:01:35,410 --> 00:01:38,530
ranging from its physical location to operating environment.

16
00:01:39,160 --> 00:01:45,490
Use social engineering techniques to collect information such as human resources, contact details

17
00:01:45,490 --> 00:01:50,340
and many more that may help in web server authentication testing. Use

18
00:01:50,560 --> 00:01:57,510
Whois database query tools to get the details about a target such as domain name, IP address, administrator

19
00:01:57,520 --> 00:02:05,800
contacts, autonomous system, DNS, etc. Fingerprint web server to gather information such as server

20
00:02:05,800 --> 00:02:08,470
name, server type, operating systems,

21
00:02:08,620 --> 00:02:15,880
applications running on that system using tools such as Netcraft, httprecon and ID Serve.

22
00:02:16,790 --> 00:02:17,680
Crawl website.

23
00:02:17,800 --> 00:02:25,000
Get specific types of information from web pages such as email address. Enumerate web server directories

24
00:02:25,120 --> 00:02:31,570
to extract important information such as web functionalities, login forms, etc. Perform directory

25
00:02:31,570 --> 00:02:37,250
traversal attack to access restricted directories and execute commands outside of the server's root

26
00:02:37,270 --> 00:02:45,100
directory. Perform vulnerability scanning to identify weaknesses in the network, using tools such as Acunetix,

27
00:02:45,100 --> 00:02:47,230
Nessus, etc.

28
00:02:47,470 --> 00:02:54,100
We have seen Nessus in the vulnerability assessment section. Perform HTTP response splitting attack

29
00:02:54,220 --> 00:03:00,340
to pass malicious data to a vulnerable application that includes the data in an HTTP response header.

30
00:03:01,120 --> 00:03:07,600
Perform web cache poisoning attack to force the web server's cache to flush its actual cache content

31
00:03:07,600 --> 00:03:15,820
and send a specially crafted request which will be stored in the cache. Brute force SSH, FTP and other

32
00:03:15,820 --> 00:03:19,360
services' login credentials to gain unauthorized access.

33
00:03:19,990 --> 00:03:27,730
Perform session hijacking to capture the valid session cookies and IDs. Use tools such as Burp Suite, Firesheep,

34
00:03:28,210 --> 00:03:30,820
JHijack to automate session hijacking.

35
00:03:31,600 --> 00:03:38,410
Next, perform an MITM, that is, the man-in-the-middle attack, to access sensitive information by intercepting

36
00:03:38,410 --> 00:03:46,060
and altering communications between end user and web server. Use tools such as Webalizer, AWStats,

37
00:03:46,660 --> 00:03:58,510
Ktmatu, etc. to examine the server logs. And in the end, use tools such as Metasploit, w3af to exploit frameworks

38
00:03:58,510 --> 00:04:00,520
and document all the findings.

39
00:04:01,570 --> 00:04:07,270
I hope you got an overview of how to perform network testing on the servers.

40
00:04:07,630 --> 00:04:11,560
In the next lecture, we will see some countermeasures for web servers.