Network Vulnerability Scanning Xiaozhen Xue Dept. of Computer Science Texas Tech University, USA Akbar Siami Namin Dept. of Computer.

Slides:



Advertisements
Similar presentations
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
Advertisements

OSG Computer Security Plans Irwin Gaines and Don Petravick 17-May-2006.
System Security Scanning and Discovery Chapter 14.
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
Chapter 1 Introduction to Security
1 Colorado University Guest Lecture: Vulnerability Assessment Chris Triolo Spring 2007.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.
Computer Security and Penetration Testing
SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.
Patching MIT SUS Services IS&T Network Infrastructure Services Team.
Comp 8130 Presentation Security Testing Group Members: U Hui Chen U Ming Chen U Xiaobin Wang.
Vulnerability Assessments
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer
VULNERABILITY MANAGEMENT Moving Away from the Compliance Checkbox Towards Continuous Discovery.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.
Norman SecureSurf Protect your users when surfing the Internet.
Vulnerability Management Dimension Data – Tom Gilis 24 November 2011.
Security Audit Tools Project. CT 395 IT Security I Professor Igbeare Summer Quarter 2009 August 25, 2009.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 4 Finding Network Vulnerabilities By Whitman, Mattord, & Austin© 2008 Course Technology.
Prepared by: Dinesh Bajracharya Nepal Security and Control.
PATCH MANAGEMENT: Issues and Practical Solutions Presented by: ISSA Vancouver Chapter March 4, 2004.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.
ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:
Copyright Security-Assessment.com 2004 Vulnerability Management Explained By Peter Benson.
© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon.
# Ethical Hacking. 2 # Ethical Hacking - ? Why – Ethical Hacking ? Ethical Hacking - Process Ethical Hacking – Commandments Reporting.
Lesson 7-Managing Risk. Overview Defining risk. Identifying the risk to an organization. Measuring risk.
Information Security What is Information Security?
IT Security – Scanning / Vulnerability Assessment David Geick State of Connecticut IT Security.
Topic 5: Basic Security.
Vulnerability Scanning Vulnerability scanners are automated tools that scan hosts and networks for known vulnerabilities and weaknesses Credentialed vs.
Introduction: Information security services. We adhere to the strictest and most respected standards in the industry, including: -The National Institute.
IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.
INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used? Tripwire.
Risk (Vulnerability) Assessment & Penetration Test Approach 1VA PT Approach Confidential.
Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.
Computer Security Fundamentals by Chuck Easttom Chapter 11 Network Scanning and Vulnerability Scanning.
Computer Security By Duncan Hall.
IPv6 security for WLCG sites (preparing for ISGC2016 talk) David Kelsey (STFC-RAL) HEPiX IPv6 WG, CERN 22 Jan 2016.
Safe’n’Sec IT security solutions for enterprises of any size.
How to Mitigate Stay Safe. Patching Patches Software ‘fixes’ for vulnerabilities in operating systems and applications Why Patch Keep your system secure.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
1 Integrated Site Security Project Denise Heagerty CERN 22 May 2007.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Department of Computer Science Introduction to Information Security Chapter 7 Activity Security Assessment Semester 1.
Tripwire Threat Intelligence Integrations. 2 Threat Landscape by the Numbers Over 390K malicious programs are found every day AV-Test.org On day 0, only.
Defining your requirements for a successful security (and compliance
Your Partner for Superior Cybersecurity
Seminar On Ethical Hacking Submitted To: Submitted By:
Automating Security Frameworks
Common Methods Used to Commit Computer Crimes
Cyber Security: State of the Nation
Secure Software Confidentiality Integrity Data Security Authentication
Compliance with hardening standards
Answer the questions to reveal the blocks and guess the picture.
CIT 480: Securing Computer Systems
Call AVG Antivirus Support | Fix Your PC
Mcafee updates Mcafee antivirus uses a database of known virus definitions to identify malware and other threats on your computer system. So it is important.
I have many checklists: how do I get started with cyber security?
11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Ethical Hacking ‘Ethical hacking’ is the branch of computer science that involves cybersecurity and preventing cyberattacks. Ethical hackers are not malicious.
Presentation transcript:

Network Vulnerability Scanning Xiaozhen Xue Dept. of Computer Science Texas Tech University, USA Akbar Siami Namin Dept. of Computer Science Texas Tech University, USA Summer Cyber-Security Workshop, Lubbock, July 2014

Need for Vulnerability Management – Vulnerabilities on a network are GOLD to cyber criminals: Provide unauthorized entry to networks Can expose confidential information, fuel stolen identities, violate privacy laws, or paralyse operations Exposure is extreme for networks with vulnerable devices connected by IP Sources of Vulnerabilities  Programming errors  Unintentional mistakes or intentional malware in General Public License software  Improper system configurations  Mobile users sidestepping perimeter security controls  Rising attacks through viewing popular websites

Summer Cyber-Security Workshop, Lubbock, July 2014 Need for Vulnerability Management – Despite utilization of basic defenses, network security breaches abound TJX exposed 46M records DSW exposed 1.4M records CardSystems exposed 40M records 215M+ reported record exposures since 2005 (actual is significantly higher) – Automation is Crucial Manual detection and remediation workflow is too slow, too expensive and ineffective Attack Trends  Increased professionalism and commercialization of malicious activities  Threats that are increasingly tailored for specific regions  Increasing numbers of multistaged attacks  Attackers targeting victims by first exploiting trusted entities  Shift from “Hacking for Fame” to “Hacking for Fortune”

Summer Cyber-Security Workshop, Lubbock, July 2014 Need for Vulnerability Management – Did we learn our lessons? Most vulnerabilities are long known before exploited Successful exploitation of vulnerabilities can cause substantial damage and financial loss A few vulnerable systems can disrupt the whole network System misconfiguration can make systems vulnerable Challenges IT Security Face  NOT enough TIME, PEOPLE, BUDGET  Prioritization of efforts for minimize business risks and protecting critical assets. We can’t fix all problems - what can we live with?  Adapting to accelerating change in sophistication of attacks.

Vulnerability Scanning Vulnerability Management Summer Cyber-Security Workshop, Lubbock, July DISCOVERY (Mapping) 2. ASSET PRIORITISATION (and allocation) 3. ASSESSMENT (Scanning) 4. REPORTING (Technical and Executive) 5. REMEDIATION (Treating Risks) 6. VERIFICATION (Rescanning)

Vulnerability Scanning Mapping Summer Cyber-Security Workshop, Lubbock, July 2014 – Mapping Gives hacker’s eye view of you network Enables the detection of rogue devices

Vulnerability Scanning Prioritisation Summer Cyber-Security Workshop, Lubbock, July 2014 – Asset Prioritisation Some assets are more critical to business than others Criticality depends of business impact

– Scanning: takes an “outside-in” and “inside-in” approach to security, emulating the attack route of a hacker tests effectiveness of security policy and controls by examining network infrastructure for vulnerabilities Vulnerability Scanning Summer Cyber-Security Workshop, Lubbock, July 2014

Vulnerability Scanning Vulnerability scanners are automated tools that scan hosts and networks for known vulnerabilities and weaknesses Vulnerability scanners Summer Cyber-Security Workshop, Lubbock, July 2014

Vulnerability Scanning How Vulnerability Scanners Work Scanning Engine Knowled ge Base GUI Results Target 2 Target 1 Target 3 Target 4 Vulnerability Database Summer Cyber-Security Workshop, Lubbock, July 2014

Vulnerability Scanning Similar to virus scanning software: – Contain a database of vulnerability signatures that the tool searches for on a target system – Cannot find vulnerabilities not in the database New vulnerabilities are discovered often Vulnerability database must be updated regularly Vulnerability scanners Summer Cyber-Security Workshop, Lubbock, July 2014

Vulnerability Scanning Network vulnerabilities Host-based (OS) vulnerabilities – Misconfigured file permissions – Open services – Missing patches – Vulnerabilities in commonly exploited applications (e.g. Web, DNS, and mail servers) Typical Vulnerabilities Checked Summer Cyber-Security Workshop, Lubbock, July 2014

Vulnerability Scanning Very good at checking for hundreds (or thousands) of potential problems quickly – Automated – Regularly May catch mistakes/oversights by the system or network administrator Defense in depth Vulnerability Scanners - Benefits Summer Cyber-Security Workshop, Lubbock, July 2014

Vulnerability Scanning Report “potential” vulnerabilities Only as good as the vulnerability database Can cause complacency Cannot match the skill of a talented attacker Can cause self-inflicted wounds Vulnerability Scanners - Drawbacks Summer Cyber-Security Workshop, Lubbock, July 2014

 Port scanner (Nmap, Nessus) Port scannerNmapNessus  Network enumerator Network enumerator  Network vulnerability scanner (BoomScan) Network vulnerability scannerBoomScan  Web application security scanner Web application security scanner  Database security scanner Database security scanner  Host based vulnerability scanner (Lynis, ovaldi, SecPod Saner) Host based vulnerability scannerLynisSecPod Saner  ERP security scanner ERP security scanner  Computer worm Computer worm Vulnerability Scanners tools

Vulnerability Scanning Vulnerability scanners are automated tools that scan hosts and networks for known vulnerabilities and weaknesses Used by defenders to automatically check for many known problems Used by attackers to prepare for and plan attacks Summary Summer Cyber-Security Workshop, Lubbock, July 2014

Vulnerability Scanners tools comprehensive vulnerability scanner which is developed by Tenable Network Security.

Port scanner (Nmap)Nmap Vulnerability Scanners tools

Summer Cyber-Security Workshop, Lubbock, July 2014 Qualys

Summer Cyber-Security Workshop, Lubbock, July 2014 Qualys