Abstract
A router is the first line of defense in a typical network. Improper configurations of the router may lead to various security vulnerabilities. Virtualization provides a safe and self-contained environment for network simulation and security testing. This paper uses a virtual penetration testing environment to simulate and analyze the two phases of a typical Advanced Persistent Threat (APT): (1) incursion by way of reconnaissance (passive information gathering), and (2) discovery by initial compromise to exploit vulnerabilities found in routers linking a corporate network with the untrusted zone of the inherently unsecure World Wide Web.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Certified Ethical Hacker, version 8: Ethical Hacking and Countermeasures (Common Body of Knowledge). (2011). E-commerce council. Manila: E-C Council Publishing.
Cisco IOS Quality of Service Solutions Command Reference, Release 12.2. (n.d.). Cisco corporation. Retrieved from: http://www.cisco.com/c/en/us/td/docs/ios/12_2/qos/command/reference/fqos_r/qrfcmd1.html
Gartner Press Release: Gartner says 6.4 Billion Connected “Things” Will Be in Use in 2016, Up 30 Percent From 2015. (2015, November 10). Gartner. Retrieved from: http://www.gartner.com/newsroom/id/3165317
Henry, P. (2016). SANS Security 502: Perimeter Protection in Depth- Lecture notes. Personal collection of Paul A. Henry. CISSP, SANS Institute: Bethesda.
Huang Y., & Lee, W. (2004). Attack analysis and detection for Ad Hoc routing protocols. College of Computing: Georgia Institute of Technology. Retrieved from: http://wenke.gtisc.gatech.edu/papers/raid04.pdf
Johnson, D., & Hartpence, B. (2010). A re-examination of network address translation security. Rochester Institute of Technology. Retrieved from http://scholarworks.rit.edu/other/761/?utm_source=scholarworks.rit.edu%2Fother%2F761&utm_medium=PDF&utm_campaign=PDFCoverPages
Küçüksille, E., YalçÕnkaya, M., & Ganal, S. (2015). Developing a penetration test methodology in ensuring router security and testing it in a virtual laboratory. Association for Computing Machinery (ACM). Retrieved from: http://dl.acm.org/citation.cfm?doid=2799979.2799989
Koppel, T. (2015). Lights out: a cyberattack, a nation unprepared, surviving the aftermath. New York: Crown Publishers.
Lee, D. (2014). (ISC) 2 CISSP Common Body of Knowledge (CBK) Seminar- Linthicum, MD: Lecture notes. Personal collection of Dennis Lee, CISSP, (ISC)2, Queens.
Meserve, J. (2007). Sources: Staged cyber attack reveals vulnerability in power grid. CNN. Retrieved from: http://www.cnn.com/2007/US/09/26/power.at.risk/index.html?iref=topnews
Metasploit unleashed: scanner HTTP auxiliary modules. (2016). Offensive security. Retrieved from: https://www.offensive-security.com/metasploit-unleashed/scanner-http-auxiliary-modules/
NIST Special Publication (SP) 800-115: Technical guide to information security testing and assessment. (2008). National Institute of Standards and Technology (NIST). Retrieved from: http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-115.pdf
Rao, S., & Reed M. (2011). Denial of Service attacks and mitigation techniques: Real time implementation with detailed analysis. SANS Institute: Infosec Reading Room. Retrieved from: https://www.sans.org/reading-room/whitepapers/detection/denial-service-attacks-mitigation-techniques-real-time-implementation-detailed-analysi-33764
RFC 1918: Address Allocation for Private Internets. (1996). Internet Engineering Task Force (IETF). Retrieved from: https://tools.ietf.org/html/rfc1918
Sikorski, M., & Honig, A. (2011). Practical malware analysis: The hands-on guide to dissecting malicious software. San Francisco: No Starch Press.
Waichal, S., & Meshram, B. (2013). Router attacks-detection and defense mechanisms. International Journal of Scientific & Technology Research, 2(6). Retrieved from: http://www.ijstr.org/final-print/june2013/Router-Attacks-detection-And-Defense-Mechanisms.pdf
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Scully, C., Wang, P. (2018). Router Security Penetration Testing in a Virtual Environment. In: Latifi, S. (eds) Information Technology - New Generations. Advances in Intelligent Systems and Computing, vol 558. Springer, Cham. https://doi.org/10.1007/978-3-319-54978-1_16
Download citation
DOI: https://doi.org/10.1007/978-3-319-54978-1_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-54977-4
Online ISBN: 978-3-319-54978-1
eBook Packages: EngineeringEngineering (R0)