Greg Williams. IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard 12/5/2010Greg Williams CS591.

Slides:

Advertisements

Similar presentations

Driving Factors Security Risk Mgt Controls Compliance.

Advertisements

Attie Naude 14 May 2013 Windows Azure Mobile Services.

CN Objectives of the course To build and maintain a UNIX-based Network Systems & Servers Install Linux, fine tune the system, enable required server,

Network Security and Audits LITN Fall Conference 2006 Presented by Katie Givens Mosaic.

Technical Issues with Establishing Levels of Assurance Zephyr McLaughlin Lead, Security Middleware Computing & Communications University of Washington.

Host Hardening (March 21, 2011) © Abdou Illia – Spring 2011.

Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya.

Barracuda Web Application Firewall

Vulnerability Assessments with Nessus 3 Columbia Area LUG January

System and Network Security Practices COEN 351 E-Commerce Security.

University of Alaska System and UAF Information Technology Security Review 2007.

Vulnerability Analysis Borrowed from the CLICS group.

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

Greg Williams. IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard.

Web server security Dr Jim Briggs WEBP security1.

Installing and Configuring a Secure Web Server COEN 351 David Papay.

Patch Management Module 13. Module You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.

Vulnerability Types And How to Use Them.

NovaBACKUP 10 xSP Technical Training By: Nathan Fouarge

Capture The Flag Review Fall 2003 Giovanni Vigna University of California Santa Barbara

NDSU IT Security Theresa Semmens Chief Information Technology Security Officer Jeff Gimbel Senior Security Analyst.

Computerized Networking of HIV Providers Networking Fundamentals Presented by: Tom Lang – LCG Technologies Corp. May 8, 2003.

Avanade: 10 tips for å sikring av dine SQL Server databaser Bernt Lervik Infrastructure Architect Avanade.

100 % UPTIME SLAs 27 | 8 DATA CLOUD CENTERSPODS SSAE-16, SOC 2 TYPE II, PCI-DSS, HIPAA, HITECH AT101, NIST , SAFE HARBOR COMPLIANT POWER INFRASTRUCTURE.

Vulnerabilities. flaws in systems that allow them to be exploited provide means for attackers to compromise hosts, servers and networks.

1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.

1 Nessus - NASL Marmagna Desai [592- Project]. 2 Agenda Introduction –Nessus –Nessus Attack Scripting Language [ N A S L] Features –Nessus –NASL Testing.

Security of Web Technologies: WebObjects Keshava P Subramanya

CIS 460 – Network Design Seminar Network Security Scanner Tool GFI LANguard.

Shadow Security Scanner Li,Guorui. Introduction Remote computer vulnerabilities scanner Runs on Windows Operating Systems SSS also scans servers built.

Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.

The Microsoft Baseline Security Analyzer A practical look….

1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.

12 Steps to Cloud Security A guide to securing your Cloud Deployment Vishnu Vettrivel Principal Engineering Lead,

Some Printer Notes Printers today come with OS, a filesystem, big hard drives, and (open) network access Risks include: 1.Sniffing print jobs going over.

Network Monitor By Zhenhong Zhao. What is the Network Monitor? The Network Monitor is a tool that gets information off of the host on the LAN. – Enumerating.

1 Security Penetration Testing Angela Davis Mrinmoy Ghosh ECE4112 – Internetwork Security Georgia Institute of Technology.

IT Security – Scanning / Vulnerability Assessment David Geick State of Connecticut IT Security.

Crash Course in Web Hacking

Introduction A security scanner is a software which will audit remotely a given network and determine whether bad guys may break into it,or misuse it.

ITS – Identity Services ONEForest Security Jake DeSantis Keith Brautigam

Vulnerability Scanning Vulnerability scanners are automated tools that scan hosts and networks for known vulnerabilities and weaknesses Credentialed vs.

Web Security Group 5 Adam Swett Brian Marco. Why Web Security? Web sites and web applications constantly growing Complex business applications are now.

Lesson 19-E-Commerce Security Needs. Overview Understand e-commerce services. Understand the importance of availability. Implement client-side security.

5/18/2006 Department of Technology Services Security Architecture.

Securing the Linux Operating System Erik P. Friebolin.

James S. Rothfuss, Computer Protection Program COMPUTING SCIENCES NETS Network Equipment Tracking System.

Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.

How to Mitigate Stay Safe. Patching Patches Software ‘fixes’ for vulnerabilities in operating systems and applications Why Patch Keep your system secure.

Enumeration March 2, 2010 MIS 4600 – MBA © Abdou Illia.

NESSUS. Nessus Vulnerability Scanner Features: Ease of use Deep Vulnerability Analysis Discover network based and local vulnerabilities Perform configuration.

Gaspar Modelo-Howard NEEScomm Cybersecurity Software Engineer Saurabh Bagchi NEEScomm Cybersecurity Officer.

In Depth Introduction to Containers On Microsoft Platforms Dave Strebel Cloud Technical Specialist Microsoft.

NETWORK SECURITY LAB 1170 REHAB ALFALLAJ CT1406. Introduction There are a number of technologies that exist for the sole purpose of ensuring that the.

 December 2010 US Chief Information Officer Vivek Kundra released the Federal Cloud Computing Strategy. This became to be what is known as “Cloud First”

Microsoft OS Vulnerabilities April 1, 2010 MIS 4600 – MBA © Abdou Illia.

Vulnerability Management Programs & The Lessons Learned

Hacking Windows.

Nessus Vulnerability Scan

Web Application Protection Against Hackers and Vulnerabilities

Security Patching.

Vulnerability Scanning with Credentials

Everything You Need To Know About Penetration Testing.

Nessus Vulnerability Scanning

Intro to Ethical Hacking

Technical Issues with Establishing Levels of Assurance

Using a Nessus Scanner on a

Objectives. Objectives Objectives Content Configure Microsoft Azure monitor.

Presentation transcript:

Greg Williams

IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard 12/5/2010Greg Williams CS591 F20102

Why Scan? An example 12/5/2010Greg Williams CS591 F20103

Planning for a scan Is the scan going to be on production services? How do I want it scanned? Do I have the man power to fix something right away (you knew about it, why didn’t you fix it)? What monitoring do I have in place and how do I watch it in case something goes wrong? Are there subnets that have specialized servers that need to be scanned for compliance? 12/5/2010Greg Williams CS591 F20104

Nessus  Vulnerability Scanner  Scans Windows, *nix, network infrastructures for known vulnerabilities  Web scanning – directory traversal, CGI vulnerability scanning  Compliance scanning – PCIDSS, DISA, CERT, NIST, GLBA, HIPAA  Ability to scan zero-day exploits 12/5/2010Greg Williams CS591 F20105

Nessus con’t 12/5/2010Greg Williams CS591 F20106

Nessus con’t  Safe Checks – Turns off possibly unsafe operations performed during scan.  Authentication – Ability to check the server fully via SMB, Kerberos, Windows, SSH  Plugins – Turn on or off specific types of scans  Preferences – Granular checks (DB, Web including HTTP form authentication, CGI scans, etc) 12/5/2010Greg Williams CS591 F20107

Nessus Reporting 12/5/2010Greg Williams CS591 F20108

Nessus Reporting con’t 12/5/2010Greg Williams CS591 F20109

What do you do after reporting  OS Patching  Coding changes  Turn off ports 12/5/2010Greg Williams CS591 F201010

Maintain integrity  Fine tune scanning – if you aren’t logging into the server to check for vulnerabilities, you should be  Setup a scanning schedule, include systems that aren’t a high risk. Scan after a patch (2 days after Microsoft Tuesday)  Develop a baseline and scan immediately after a server comes online 12/5/2010Greg Williams CS591 F201011

12/5/2010Greg Williams CS591 F201012