Vulnerability Analysis Borrowed from the CLICS group.


Vulnerability Assessment
Attack Overview
–Gathering Information / Fingerprinting
–Vulnerability Assessment
–Attempt Exploit
Defender
–Fix Vulnerabilities
   To prevent exploits

Vulnerability Assessment Tools
Collected Set of Tools for Determining Possible Security Holes
Components
–Port scanning
–Additional checks on ports for:
   Software packages actually running
   Versions of those packages
   Possible vulnerabilities on these combinations
–Vulnerability database to support above
–Possibly other components
   Check for weak passwords
   Check for general patch levels
   Etc.

Example
Going beyond port scanning
–Port scanning may find port 21 listening, ftp
–OS fingerprint – Linux 2.2 kernel
–Service query – identifies ftp as wu-ftpd version
–What specific vulnerabilities does wu-ftpd have?
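
The service-query and vulnerability-database steps from the two slides above, as an added Python example that is not part of the original presentation. The banner strings, the version range and the EXAMPLE-0001 identifier are constructed for illustration and are not real advisory data.

```python
import re
from collections import namedtuple

Service = namedtuple("Service", "product version")

def parse_version(text):
    # '2.6.0' -> (2, 6): trailing zeros dropped so 2.6 equals 2.6.0
    parts = [int(p) for p in text.split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

# Service-query step: banner fingerprints (small constructed set).
FINGERPRINTS = [
    ("wu-ftpd", re.compile(r"Version wu-(\d+(?:\.\d+)*)")),
    ("vsftpd", re.compile(r"vsFTPd (\d+(?:\.\d+)*)")),
]
# Constructed DB, not real advisories: (product, first affected, first fixed, id)
VULN_DB = [("wu-ftpd", "2.0", "2.6.2", "EXAMPLE-0001 (placeholder)")]

def identify(banner):
    for product, pattern in FINGERPRINTS:
        match = pattern.search(banner)
        if match:
            return Service(product, parse_version(match.group(1)))
    return None  # unknown banner: report it, do not guess

def possible_vulns(svc):
    # "Possible" only: banners can be edited and fixes backported.
    return [vid for product, lo, hi, vid in VULN_DB
            if product == svc.product
            and parse_version(lo) <= svc.version < parse_version(hi)]

def assess(banners):
    report = {}
    for port, banner in banners.items():
        svc = identify(banner)
        if svc is None:
            report[port] = ("unidentified", [])
            continue
        name = f"{svc.product} {'.'.join(map(str, svc.version))}"
        report[port] = (name, possible_vulns(svc))
    return report

# Constructed sample: greeting banners already collected per open port.
SAMPLE = {
    21: "220 ftp.example.test FTP server (Version wu-2.6.1(1)) ready.",
    2121: "220 (vsFTPd 3.0.3)",
    8021: "220 Service ready",
}
```

Calling `assess(SAMPLE)` returns one entry per port; a version match is only a candidate finding that still needs confirming against the host's actual patch level.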

Where To Position Vulnerability Assessment Tools?
Don't want them on bastion hosts, firewalls
–Could be used against you
Safer but less useful in secure zones
Best may be to install on laptop
–Connect to DMZ, insecure zone, secure zone when needed
–Disconnect when not being used

Vulnerability Assessment Tools
Linux
–Nessus
–SATAN/SAINT
–SARA
Windows
–NeWT (Nessus for Windows)
–ISS Internet Scanner
–Cybercop Scanner (also Linux)
–Microsoft Baseline Security Analyzer

Nessus
Probably most well-known Unix/Linux VA tool
Uses nmap for initial port scanning
Two-level architecture
–Server: runs scans
–Client: control scans, view reports

Nessus Structure
Uses plug-ins to abstract vulnerability tests
–Tests further grouped into families
Uses accounts for authorization
Can configure through running server interactively
–as opposed to running server in daemon state

Nessus Notes
Prefs tab
–Be careful with selecting ping
–If ping refused, nessus may think system is down, not do further scans
Plugins tab
–Be careful with enabling all plugins
   Dangerous plugins can interrupt or even crash services on ports

Nessus results
Good graphical interface
Listing of findings with recommendations
Example:

NeWT
NeWT – Nessus Windows Technology
Vulnerability database customized for Windows environments

Microsoft Baseline Security Analyzer
Program that analyzes a Windows system for vulnerability
Analyzes in several areas
–OS and related utilities - patch levels
   HFNetChk – allows this to be done across network from central system (command line option)
–Accounts – password content and expiration
–Services – whether unneeded services present
–Utility security settings (e.g. IIS, SQL Server)
–Etc.
Start/Programs/Microsoft Baseline Security Analyzer