Vulnerability assessment can provide vital information on potential security vulnerabilities in a webserver or computer network. We will demonstrate how Armitage and other tools available in Backtrack 5 can be used for the penetration testing of a webserver running on SELinux. We will discuss the concept of least privilege and the usage of network scanning tools. Additionally, will give tips for hardening MySQL, Apache, and SELinux once vulnerabilities in the network have been established.
Presenters, Scott Sisco and Christina Saunders are both members of the Whatcom Community College’s cyber defense team and recently competed in the Western Regional Collegiate Cyber Defense Competition.