Automating the hacking process
The Only Way To Test Your Application Aware Network
Because you can’t use fake traffic to test a real network
MU DYNAMICS, INC. | ALL RIGHTS RESERVED | COMPANY CONFIDENTIAL | COPYRIGHT 2010

Mu Dynamics at a Glance
Founded in 2005
Market Focus:
• Pioneer and leading provider of testing solutions that enable faster, higher quality deployments of application-aware networks
More than 80 customers and 150 deployments across key verticals including:
• Top 5 Service Providers/Operators in North America
• Top 10 Network Equipment Vendors
• Multiple government agencies
Industry Recognition:
• 25+ awards for customer implementations, product innovation
• 2010 Inducted To SC Magazine’s Hall of Fame As Industry Innovator
• 2009 Unified Communications Excellence Award
Key Industry Partners:

Select Customers

Enabling a High Quality Deployment
[Diagram labels: TEST MODULES, Studio Verify, Studio Scale, Interop, Studio Fuzz, Protocol Fuzzing, PCAPR.net, Resiliency, Denial of Service (DoS), Security, Published Vulnerabilities (PVA), Scale, Monitoring, Automation, Reporting, Test Automation Platform, TESTING, Customer Content, Functional, Security]

Platform
• Hardware appliance + Platform software
– Automation: Re-starters for lights out testing
– Fault Isolation: Monitors for SNMP, Protocol, Command, Syslog & Console
– Remediation: Self-contained toolkit to reproduce defects
[Diagram labels: 2u chassis, 4x10G SFP+, 4x1G SFP, Target, Appliance + Platform Software]

Sample Apps on Mu TestCloud
• Collaboration: eBuddy, Flickr, Google Docs, WebEx
• Peer-2-Peer (P2P): BitTorrent, eDonkey, Gnucleus, MUTE, Gnutella, Swapper
• Social Networking: Bebo, Flixter, Friendster, MySpace, Orkut
• Games/Facebook Apps: Café World, FarmVille, Lord of the Rings, Mafia Wars, Music Pets, Scrabble, World of Warcraft, YoVille, ZooWorld, Zynga
• Instant Messaging (IM): AIM, AOL, Google Talk, IRC, ICQ, Jabber, MSN, Rediff Bol, Yahoo! Messenger
• Misc. Apps: Adobe Updater, Apple Updater, Blogger, eBay, Picasa, WeatherBug, Yahoo! Finance
• Streaming: BBC iPlayer, Hulu, Metacafe, Silverlight, Skype, VNC
• Protocols: CIFS, DIAMETER, FTP, H.248, HTTP, IMAP, LDAP, MGCP, MODBUS, MOUNT, NFS, POP3, Portmap, RADIUS, RTP, RTSP, SIP, SMTP, SNMP, TELNET

How Do You Test the Security of a Network That is Faced with...
• DDoS attacks
• Cyber-security attacks
• Known vulnerabilities
• Viruses, malware, SPAM, unwanted content
• Malformed traffic
• In the face of
– Cloud enablement
– Data center consolidation
• Without affecting your users and valid applications

Mu Test Suite - Immediate Testing of Any App
[Chart labels: Mu Studio Scale, Ready-to-run Tests on Mu TestCloud, Pcaps on pcapr.net, App-Aware Service; values shown: 30%, 20%, 50%]

Introducing Mu TestCloud
• A cloud-based Test Asset sharing community
– http://testcloud.mudynamics.com
• Hundreds of App tests available today and growing rapidly
• Private Spaces
– With collaborators, Test Plans and Test Assets
– All your scenarios belong to you, accessible only to those you invite
• Crowd-source testing

How Studio Recreates Application Traffic
[Sequence diagram between Client, HTTP Server and Video Server; messages in order:]
Login - UserName - Password
Accepted - Session ID
Request - Session ID - Movie
Response - Session ID - Video Server IP
Terminate - Session ID
Session Terminated - Session ID
Video Server IP - Login - UserName1 Password1
Accepted - Session ID-1
Parameters: Options: Green, Variables: Blue, Assertions: Red

Mu Workflow
It is as simple as...
• Recreate: Recreate real applications by downloading ready-to-run tests for 100s of apps from the Mu TestCloud or automatically generate tests from traffic captures
• Run: One test for Security, Scale and Functional testing
– Security (Fuzz), Scale, Functional (Verify), against Your Network
• Share: Share test cases with others, inside and outside your org
– Internal Teams, Vendors, Mu TestCloud

Studio Scale Use Cases
• Application Signature Testing
– Ensuring app traffic is handled correctly
• L7/Application QoS Policy Control
– Testing of traffic classification/shaping, throttling mechanisms
• Application Scalability/Capacity
– Sizing, capacity planning, dimensioning of infrastructure

Security Threats are Increasing and Costing Millions
• New and emerging threats
– Worms, viruses, malware, vulnerabilities, DDoS attacks
– Social media, smartphones at high risk
• High profile outages and disruptions cost millions
– Mastercard, Citigroup, Sony, Amazon, Lockheed Martin
Over 3 billion malware attacks in 2010 (Symantec)
Over 15,000 cyber-attacks per day on US Gov (DHS)

Operators Need to Strengthen Defenses to Ensure Network Security
• Perimeter defense systems against threats
– Firewalls, UTM, IPS/IDS, Network security and Web/Email gateways
• Core infrastructure against unknown weaknesses
– Critical Infra systems, Unified Comms. systems, Web servers

Requirements for Network Security Testing
• Unified
– Single solution for multiple types of security threats
– Use common workflow for test creation, execution and reporting
– Collaboration tools for faster defect remediation
• Exhaustive
– Provides millions of malformed test cases
– Extends to custom and standard apps and protocols
– Leverage new known attacks as they are discovered
• Simple
– Readily available test content for rapid testing
– Does not require a security expert to derive value

Fuzz Testing for Resilience
• Auto-generate custom fuzz test cases from captures
– Your traffic for custom and proprietary protocols
– Community pcaps
• Millions of fuzz test cases for standard protocols
• Integrated set of monitors to identify weaknesses
• Remediation tools to accelerate defect resolution
[Diagram labels: Single Agent, Multi-Agent]

Known Attacks
• Audit firewalls, IPS/IDS, UTM using thousands of known attacks
• Run tests with impairments to evade detection
– Fragment, delay, reorder, re-sequence, drop, etc.
• Obtain monthly updates for the latest known attacks

Distributed Denial of Service
• Create custom DDoS flood tests for any protocol or app
• Run application-level DDoS testing
• Obtain actionable results
– Correlate injection rate and monitor results with crashes/faults

The Mu Advantage (Legacy Test Tools vs. Mu Studio)
• Accuracy
– Legacy Test Tools: Garbage In, Garbage Out; synthetic application traffic (random 1s & 0s in the application payload); TCP Replay
– Mu Studio: Real Traffic In, Real Traffic Out; real application traffic; Application Replay
• Speed
– Legacy Test Tools: Months-long delay waiting for test tool vendor to write new tests
– Mu Studio: Immediate access to 1,000s of ready-to-run test cases; ability to generate, in minutes, 100s of automated tests from a single traffic capture; ability to create new tests as soon as new applications emerge
• Flexibility
– Legacy Test Tools: Single-purpose test tool; finite number of tests; vendor priorities drive test creation; RFC driven; standard protocols
– Mu Studio: Multi-purpose test platform; infinite number of tests; customer priorities drive test creation; real-world driven; applications; non-standard, proprietary protocols AND standard protocols
• Bottom Line
– Legacy Test Tools: Bit-blasters (or network protocol generators) are best for testing throughput and RFC compliance
– Mu Studio: Mu is the only test solution that can accurately recreate application traffic, making it a must-have for testing application-aware networks

Customer Success - Adaptive Security Appliances
• Challenge
– Ensure resilience of security gateway system that inspects Cisco proprietary and standard services
• Solution
– Testing Skinny, SIP, HTTP, RTSP and other protocols to ensure that system does not allow unknown vulnerabilities into the secured network. Simulating malformed traffic to test protocol parsers for resilience.
• Results
– Identified multiple issues with multiple protocols like SIP
– Discovered 33% more defects than other test tool
– Percentage of customer vs internal found vulnerability defects (20/80)
“The Mu solution was able to find many hidden vulnerabilities in our products. I had no solution for testing proprietary protocols like Skinny until Studio.”

Key Differentiators for Mu Test Solution
5 Techniques for Proactive Security and Reliability Testing
1) Stateful Protocol Fuzzing – support for 70+ protocols
2) Mu Studio Zx – Fuzzing real world traffic scenarios
3) Denial of Service flood attack module
4) Published Vulnerability Analysis (known exploits)
Mu Dynamics Confidential

Differentiators for Mu’s Protocol Fuzzers
• Mu test platform can act in BOTH endpoint mode, testing the control plane of the DUT, and pass-thru mode (acting as the sender and receiver)
• Mu test platform can act as both the client and server using two physical test interfaces, exercising the forwarding engine of the DUT and/or an entire network architecture.
• Mu provides test coverage for MPLS, L2 VPNs, and running all services over IPv6 stacks, which is critical to Service Providers and Enterprise customers leveraging MPLS VPN services
– VPLS using LDP for PW and MPLS tunnel setup
– VPLS using BGP for PW setup and LDP for MPLS tunnel setup
– RSVP-TE
– VPLS using BGP for PW setup and RSVP for MPLS tunnel setup

Differentiators for Mu’s Protocol Fuzzers
• Mu test platform can perform automatic fault isolation on soft faults and not just hard crashes
• Soft faults are detected using Response Time Measurements, which are collected and graphed out in real time. These metrics are unique to the Mu fuzzing framework and can expose weaknesses that other tools miss, including service interruptions and performance degradation, slow memory leaks, etc.
• Mu test platform can perform automatic fault isolation based on service failure or integrated Monitors (CLI Command Monitors, Passive Console Monitors, Log Monitors, Syslog Monitors, and SNMP Monitors). The Mu test solution has these “Integrated Monitors” built in (plug n play) to identify more bugs than legacy software tools that provide pre-compiled test cases.
• Mu test platform can instrument multiple protocols concurrently as health checks. If any service fails, the Mu will automatically isolate which fuzz test case causes any of the protocols running on the DUT to fail.
• For example, fuzz testing BGP and monitoring the health of BGP, OSPF, LDP, and PIM during the test run. If any of these 4 services has a failure, the Mu will identify which BGP fuzz test case causes the issue. This is key for System Testing, not just protocol level testing.

Differentiators for Mu Studio Zx
• Mu Studio Zx was released 1 year ago as a groundbreaking approach to fuzz testing. It has been rapidly adopted by major SP accounts and carrier equipment vendors.
• The Mu Studio Zx module allows the user to import packet captures and auto-generate intelligent fuzz test cases based on real world transactions. This is not packet replay.
• Mu is the only commercial solution that can fuzz multi-protocol transactions in the same test scenario against an endpoint device (e.g. router or endpoint application)
• Mu Studio provides tools to make interactions with an endpoint stateful.
• Mu Studio can replicate a field issue and then auto-generate boundary test cases for the flows causing the field issue
• Fuzz test cases using Mu Studio can be run over a variety of transports including Ethernet, IPv4, IPv6, UDP, TCP, TLS, SCTP, etc.
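
The soft-fault detection and fault isolation described in the protocol fuzzer slides above, sketched as an added example that is not Mu Dynamics code: health-check probes taken after each fuzz case are compared with a per-service baseline, so a slow answer is flagged as a soft fault and a missing answer as a hard fault, each tied to the fuzz case that preceded it. The probe record layout, the sample values, the warm-up window and the 3x threshold are assumptions made for illustration.

```python
from collections import defaultdict
from statistics import median

# Constructed sample: after each BGP fuzz case the harness probes every
# monitored service; None means the probe timed out.
# Record layout (assumed): (fuzz_case_id, monitored_service, response_ms)
PROBES = [
    (1, "BGP", 12.0), (1, "OSPF", 8.0), (1, "LDP", 9.0),
    (2, "BGP", 11.0), (2, "OSPF", 9.0), (2, "LDP", 10.0),
    (3, "BGP", 13.0), (3, "OSPF", 8.5), (3, "LDP", 9.5),
    (4, "BGP", 12.5), (4, "OSPF", 41.0), (4, "LDP", 9.0),  # OSPF slows down
    (5, "BGP", 12.0), (5, "OSPF", 9.0), (5, "LDP", None),  # LDP stops answering
    (6, "BGP", 90.0), (6, "OSPF", 8.0), (6, "LDP", 10.0),  # BGP slows down
]


def service_baselines(probes, warmup_cases):
    """Median response time per service over the first `warmup_cases` cases."""
    samples = defaultdict(list)
    for case_id, service, rt in probes:
        if case_id <= warmup_cases and rt is not None:
            samples[service].append(rt)
    return {svc: median(vals) for svc, vals in samples.items()}


def isolate_faults(probes, warmup_cases=3, soft_factor=3.0):
    """Return [(case_id, service, kind)] for probes taken after the warm-up.

    kind is "hard" when the probe got no answer and "soft" when the answer
    took more than soft_factor times that service's baseline (assumed rule).
    """
    base = service_baselines(probes, warmup_cases)
    findings = []
    for case_id, service, rt in probes:
        if case_id <= warmup_cases:
            continue
        if rt is None:
            findings.append((case_id, service, "hard"))
        elif rt > soft_factor * base[service]:
            findings.append((case_id, service, "soft"))
    return findings


if __name__ == "__main__":
    for case_id, service, kind in isolate_faults(PROBES):
        print(f"fuzz case {case_id}: {kind} fault on {service}")
```

A hard-crash-only monitor would report just case 5 here; the response-time comparison also surfaces cases 4 and 6, where the service stayed up but degraded.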

Differentiators for Denial of Service Module
• Ability to simulate Denial of Service flood attacks for validating robustness of services including routing protocols, multicast protocols, management protocols, VoIP, IPTV, etc.
• Well known DoS attacks also available – TCP, UDP, ICMP
• Customer-selectable payloads can be randomized, e.g. OSPF Hello Flood, IGMP Join Flood, Tunneling Flood traffic scenarios in L2 VPNs, IPv6 flood attacks
• Mu provides the only DDoS tool that can randomize the application payload, exposing weaknesses that other tools miss
• User-specified ramp-up, ramp-down rates and patterns
• Selectable instrumentation protocol used for response time metrics
• For example, monitoring VPLS tunnel setup while flooding OSPF Hello packets
• Results:
– Identify ramp time and packet rate to cause a service failure
– Identify recovery time after DoS attacks are stopped
– Monitor CPU, Memory, and other resource utilization levels
• Denial of Service test scenarios are Mu XML templates that can be executed during release cycle to test policing features designed to protect the control plane of core and edge routers

Executive Summary
• Challenge: Operators & MSOs need to test their application-aware networks to ensure they work and scale appropriately
• Requirements: The key to solving this testing challenge is accuracy, speed and flexibility
• Mu Solution: A single test platform for Security, Scalability and Functionality that provides:
– Tests that accurately reflect their network
– Test case creation in minutes, not months
– Flexibility to handle new application flows and requirements