Detecting Network Security Vulnerabilities and Proactive Strategies to Mitigate Potential Threats

TL;DR

This paper demonstrates a comprehensive penetration testing approach on a specific network, identifying vulnerabilities, exploiting them to find critical data, and proposing mitigation strategies to enhance security.

Contribution

It provides a detailed case study of live penetration testing using various tools, highlighting key vulnerabilities and strategies for privilege escalation and data protection.

Findings

Identified critical vulnerabilities in FTP, HTTP, and human errors.

Successfully compromised the system and found 8 Flags.

Recommended mitigation strategies for network security enhancement.

Abstract

In multi-tier network systems, custom applications, Web services and platform environments, storing data and information assets becomes a challenge for any organisation. Although there are different methods to secure network systems, the best way to test the level of security is to conduct penetration testing. In this paper, we describe how we performed live penetration testing for a particular network, namely, 192.168.3.0/24 (Case Study) by identifying the system vulnerabilities to enable its penetration. After compromising the system, critical data (Flags) must be found, indicating our successful penetration. As professional penetration testers, we used an arsenal of penetration testing tools utilised by malicious actors on the internet, such as Nmap, Nessus, Sparta and Metasploit, etc. Typically, much effort was employed on reconnaissance & scanning phases, rather than system exploration, due to their importance in identifying security vulnerabilities in the system environment. The vulnerability analysis highlighted the most critical threats, which token is an advantage to gain access, namely, FTP services, HTTP, and human errors. However, comprising the system is not sufficient because the critical data (Flag) generally requires the administrators rights. Consequently, teams often examine the system to find a way to escalate privilege to the root level. Furthermore, some critical data (Flags) require decryption algorithms or the analysis of captured packets to make them readable. We found eight Flags and identified a system security breach. Mitigation strategies addressing the identified vulnerabilities are recommended to ensure the given networks are secured against future attacks.