The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved. SecureWorks Scanning Module.

Slides:



Advertisements
Similar presentations
1 Reading Log Files. 2 Segment Format
Advertisements

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 5 Port Scanning.
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning.
1www.skyboxsecurity.com Skybox Cyber Security Best Practices Three steps to reduce the risk of Advanced Persistent Threats With continuing news coverage.
System Security Scanning and Discovery Chapter 14.
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
Vulnerability Analysis Borrowed from the CLICS group.
Network Security Testing Techniques Presented By:- Sachin Vador.
© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—4-1 Implement an IPv4-Based Redistribution Solution Assessing Network Routing Performance and.
1 | © 2013 Infoblox Inc. All Rights Reserved. Authoritative IP Address Management (IPAM) and its Security Implications Rick Bylina, Sr. Product Marketing.
1 Presentation ISS Security Scanner & Retina by Adnan Khairi
Patch Management Module 13. Module You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.
Port Scanning.
© Copyright 2013 TONE SOFTWARE CORPORATION. Confidential and Proprietary. All rights reserved. ® Operator Training – Release Priority Traceroute.
SUBSTATION SECURITY WHY FIREWALLS DON’T WORK! ©Copyright 1998, Systems Integration Specialists Company, Inc. All Rights Reserved Presented by:
Ana Chanaba Robert Huylo
© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—4-1 Module Summary  Cisco routers operate at Layer 3, and their function is path determination.
Lean and (Prepared for) Mean: Application Security Program Essentials Philip J. Beyer - Texas Education Agency John B. Dickson.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Copyright Justin C. Klein HECTOR Security Intelligence Platform Developed for: University of Pennsylvania School of Arts & Science.
© 2010 VMware Inc. All rights reserved Patch Management Module 13.
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 2 v3.0 Module 4 Learning About Other Devices.
Endpoint Control. Module Objectives By the end of this module participants will be able to: Define application detection lists to monitor applications.
IPv6 Network Assessor 111 © 2005 Cisco Systems, Inc. All rights reserved. Susan Shareshian Solutions Manager, Cisco Systems, Inc.
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 2 Module 8 TCP/IP Suite Error and Control Messages.
1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 2 v3.1 Module 8 TCP/IP Suite Error and Control Messages.
CIS 450 – Network Security Chapter 3 – Information Gathering.
Real Time Monitors, Inc. Switch Expert™. 2 Switch Expert™ Overview Switch Expert ™ (SE) currently deployed at 80% percent of the INSIGHT-100.
Connecting to a Network Lesson 5. Objectives Understand the OSI Reference Model and its relationship to Windows 7 networking Install and configure networking.
Copyright Security-Assessment.com 2004 Vulnerability Management Explained By Peter Benson.
# Ethical Hacking. 2 # Ethical Hacking - ? Why – Ethical Hacking ? Ethical Hacking - Process Ethical Hacking – Commandments Reporting.
Linux Networking and Security
by Barb Philipak 2002 Plank Road Publishing, Inc. International Copyright Secured * All Rights Reserved ©
Scanning & Enumeration Lab 3 Once attacker knows who to attack, and knows some of what is there (e.g. DNS servers, mail servers, etc.) the next step is.
Trinity Uses Nmap, shouldn’t you?. From “The Art of War” "... knowing your enemy 100% of the time, you will win your battle 100% of the time, knowing.
1 Figure 4-1: Targeted System Penetration (Break-In Attacks) Host Scanning  Ping often is blocked by firewalls  Send TCP SYN/ACK to generate RST segments.
Retina Network Security Scanner
1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 2 v3.1 Module 8 TCP/IP Suite Error and Control Messages.
Attacking on IPv6 W.lilakiatsakun Ref: ipv6-attack-defense-33904http://
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 2 Module 4 Learning About Other Devices.
INNOVATE THROUGH MOTIVATION MSP Services Overview KEVIN KIRKPATRICK – OWNER, MSP INC LOGO.
Enumeration March 2, 2010 MIS 4600 – MBA © Abdou Illia.
-SHAMBHAVI PARADKAR TE COMP  PORT SCANNING.  DENIAL OF SERVICE(DoS). - DISTRIBUTED DENIAL OF SERVICE(DDoS). REFER Pg.637 & Pg.638.
Copyright © 2006 Heathkit Company, Inc. All Rights Reserved Introduction to Networking Technologies Dynamic Host Configuration Protocol (DHCP)
Jen Beveridge and Joe Kolenda. Developed by Gordon Lyon Features –Host discovery –Port scanning –Version detecting –OS detection –Scriptable interaction.
Jen Beveridge and Joe Kolenda
Section 1.5 Circles Copyright © 2013 Pearson Education, Inc. All rights reserved.
C IBM Security QRadar SIEM V7.2.6 Associate Analyst
Footprinting (definition 1)
Vulnerability Scanning with Credentials
Introduction to Networking
Network Security and Monitoring
6. Operating Systems Finger printing & Scanning
Intro to Ethical Hacking
Обзор Windows Azure Connect
Metasploit Analysis Report Overview
Analyzing OS Sample Windows 7 image provided by different class
Copyright © 2004 The McGraw-Hill Companies, Inc. All rights reserved.
Copyright © 2012, Elsevier Inc. All rights Reserved.
Copyright © 2013 Elsevier Inc. All rights reserved.
Copyright © 2012, Elsevier Inc. All rights Reserved.
Copyright © 2014, 2000, 1992 Elsevier Inc. All rights reserved.
Copyright © 2012, Elsevier Inc. All rights Reserved.
Copyright © 2013 Elsevier Inc. All rights reserved.
Section 10.5 The Dot Product
Modeling Functionality with Use Cases
Copyright © 2012, Elsevier Inc. All rights Reserved.
Copyright © 2012, Elsevier Inc. All rights Reserved.
Copyright © 2013 Elsevier Inc. All rights reserved.
Copyright © 2012, Elsevier Inc. All rights Reserved.
Presentation transcript:

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved. SecureWorks Scanning Module

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved. Perform internal and external network scans also asset discovery Quickly identify whether your scanning exposure increased or decreased over a period of time Expedite remediation utilizing the provided exposure synopsis and solutions

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved. Vulnerability Scanning Summary

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved. Remediation

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved.

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved. Synopsis, Description and Solutions

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved. Vulnerability Scanning Scheduler

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved. Types of Scans a)Default: similar to the Commonports_ping which scans approximately 4,500 ports that are frequently listening (such as ports 22, 80, 443, 445, etc.). Before attempting to scan a given host a ping must be returned. b)Discovery: profile will not perform a port scans only ping the specified networks/hosts and provide a report containing hosts that responded to the ping. c)Commonports_noping :similar to the default scan the only difference is that All target IPs will be port scanned and they do not have to return a ping. This implies a longer time to completion, as every IP will be port scanned for ~4,500 ports d)Allports_ping: this scan is ran against all ~65,000 ports on every target IP. Before attempting to scan a given host a ping must be returned. e)Allports_noping : this scan is leverage all ~65,000 ports on every target IP. All target IPs will be portscanned; they do not have to return a ping. This implies a significantly longer time to completion, as every IP will be portscanned for ~65,000 ports. A scan of a /24 network can be expected to take close to 24 hours. f)Allports_noping-Exceedingly_Verbose : scans all ~65,000 ports on every target IP. All target IPs will be portscanned; they do not have to return a ping. This implies a significantly longer time to completion, as every IP will be portscanned for ~65,000 ports. A scan of a /24 network can be expected to take close to 24 hours. This profile is designed specifically to return multiple low-risk exposures for every host scanned. g)OS_Detection : Scans a few ports in an effort to fingerprint the OS. Before attempting to scan a given host a ping must be returned.

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved. Pending/Completed Scans

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved. Active Scan Progress

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved. Conclusion Secure Operations Center

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.