Thesis
Evaluation of security mechanisms based on pentesting results to mitigate intrusion risks in servers.
Date
2020-09-05
Recorded in:
Carrasco Llerena, Samuel. (2020). Evaluación de mecanismos de seguridad basados en resultados de pentesting para mitigar riesgos de intrusión en servidores. Escuela Superior Politécnica de Chimborazo. Riobamba.
Author
Carrasco Llerena, Samuel
Abstract
The objective of this study is to assess the current state of servers with respect to vulnerabilities in their open ports, so that penetration testing can determine whether a server is vulnerable through a particular service and, if so, what actions could be implemented to mitigate the risk of intrusion. New vulnerabilities appear in services every day, so exposing outdated servers to the Internet without a firewall, outside a DMZ (demilitarized zone), or without an antivirus system is illogical and unthinkable. The methodology used for this high-level security assessment, or audit process, is PTES (the Penetration Testing Execution Standard), which follows the Deming cycle (plan-do-check-act) adopted by the ISO/IEC 27001 security standard. This methodology includes phases for gathering information about the target to be evaluated, studying its vulnerabilities and exploiting them, using the hacking tools that ship with the Kali Linux operating system. Not all open ports are vulnerable, and not all vulnerabilities are exploitable; the latter term refers to a weakness through which a system can actually be compromised by external or unauthorized people. To determine this, the intrusion tests were performed with the Metasploit Framework. If an attack succeeds, the server is at risk of being attacked through the service used in the test. The results, evaluated with the chi-square distribution, support the hypothesis raised: implementing mitigation mechanisms reduces the risk of intrusion into servers. Services that presented an exploitable vulnerability, such as ssh and rdp, were stopped. This study shows the methods an attacker uses to break into computer systems, and it should encourage an attitude of caution and awareness when applying computer security on our servers.
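The abstract reports that a chi-square test supported the hypothesis that the mitigation mechanisms reduce intrusion risk. The following Python example is added here and is not code or data from the thesis: it shows how such a test is run on pentest outcomes, aggregating constructed intrusion attempts (one per Metasploit module run, before and after mitigation) into a 2x2 contingency table, computing Pearson's chi-square statistic from scratch, and comparing it against the critical value for one degree of freedom at alpha = 0.05. The attempt counts, service names and phase labels are invented for illustration.

```python
"""Chi-square test of independence on pentest outcomes, before vs. after mitigation.

Added example, not code or data from the thesis. Each constructed record is one
intrusion attempt (a Metasploit module run against a service on the target) and
whether it obtained a session.
"""

# Constructed sample (not the thesis's data): (phase, service, session_obtained).
# Before mitigation 12 of 20 attempts succeed; after stopping/filtering the
# exploitable services, 2 of 20 do.
ATTEMPTS = (
    [("before", "ssh", True)] * 6 + [("before", "rdp", True)] * 6
    + [("before", "http", False)] * 8
    + [("after", "http", True)] * 2
    + [("after", "ssh", False)] * 9 + [("after", "rdp", False)] * 9
)

# Critical value of the chi-square distribution, 1 degree of freedom, alpha = 0.05.
CHI2_CRITICAL_DF1_ALPHA_005 = 3.841


def contingency_table(attempts):
    """Aggregate attempts into a 2x2 table: {phase: [successes, failures]}."""
    table = {"before": [0, 0], "after": [0, 0]}
    for phase, _service, success in attempts:
        table[phase][0 if success else 1] += 1
    return table


def chi_square(table):
    """Pearson chi-square statistic for a 2x2 table; also returns expected counts."""
    rows = list(table.values())
    row_totals = [sum(r) for r in rows]
    col_totals = [sum(col) for col in zip(*rows)]
    n = sum(row_totals)
    if 0 in row_totals or 0 in col_totals:
        # An empty row or column makes an expected count zero; the test is undefined.
        raise ValueError("degenerate table: every phase and every outcome needs counts")
    stat = 0.0
    expected = []
    for i, observed_row in enumerate(rows):
        expected_row = []
        for j, observed in enumerate(observed_row):
            expected_count = row_totals[i] * col_totals[j] / n
            expected_row.append(expected_count)
            stat += (observed - expected_count) ** 2 / expected_count
        expected.append(expected_row)
    return stat, expected


def evaluate(attempts, critical=CHI2_CRITICAL_DF1_ALPHA_005):
    """Decide whether success rate depends on the phase, i.e. whether mitigation had an effect."""
    table = contingency_table(attempts)
    stat, expected = chi_square(table)
    return {
        "table": table,
        "chi2": round(stat, 3),
        # Rejecting independence at alpha = 0.05 supports "mitigation changed the outcome".
        "reject_independence": stat > critical,
        # Pearson's approximation is unreliable when any expected count is below 5.
        "expected_count_warning": any(e < 5 for row in expected for e in row),
    }


if __name__ == "__main__":
    result = evaluate(ATTEMPTS)
    print(result["table"])
    print(f"chi2 = {result['chi2']}, reject independence: {result['reject_independence']}")
```

With the constructed counts the statistic is about 10.99, well above 3.841, so the null hypothesis that success rate is independent of the phase is rejected. The test only says the two phases differ; it does not say the residual risk is acceptable, and the expected-count warning should be heeded when the number of attempts per phase is small.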