1. CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Scanning

2. CIT 380: Securing Computer SystemsSlide #2 Vulnerability Scanning Scan for vulnerabilities in systems –Configuration errors –Well-known system vulnerabilities Scanning Tools –Nessus –Attack Tool Kit –GFI LANguard Network Security Scanner –ISS Internet Scanner

3. CIT 380: Securing Computer SystemsSlide #3 Vulnerability Scanner Architecture User Interface Scanning Engine Scan Results Report Generation Vulnerability Database

4. CIT 380: Securing Computer SystemsSlide #4 Nessus Report

5. Nessus Examples http://nst.sourceforge.net/nst/docs/user/ch02 s04.htmlhttp://nst.sourceforge.net/nst/docs/user/ch02 s04.html http://www.nessus.org/nessus/features/ness us-ss-big.pnghttp://www.nessus.org/nessus/features/ness us-ss-big.png CIT 380: Securing Computer SystemsSlide #5

6. CIT 380: Securing Computer SystemsSlide #6 Scanning Tools Summary InformationTool IP addresses of hostsping, nmap -sP Network topologytraceroute Open portsnmap port scans Service versionsnmap -sV OSnmap –O, xprobe VulnerabilitiesNessus, ATK

7. CIT 380: Securing Computer SystemsSlide #7 References 1.William Cheswick, Steven Bellovin, and Avriel Rubin, Firewalls and Internet Security, 2 nd edition, 2003. 2.Fyodor, “The Art of Port Scanning,” http://www.insecure.org/nmap/nmap_doc.html http://www.insecure.org/nmap/nmap_doc.html 3.Fyodor, NMAP man page, http://www.insecure.org/nmap/data/nmap_manpage.html http://www.insecure.org/nmap/data/nmap_manpage.html 4.Fyodor, “Remote OS detection via TCP/IP Stack FingerPrinting,” Phrack 54, http://www.insecure.org/nmap/nmap-fingerprinting- article.html 5.Simson Garfinkel, Gene Spafford, and Alan Schwartz, Practical UNIX and Internet Security, 3 rd edition, O’Reilly & Associates, 2003. 6.Johnny Long, Google Hacking for Penetration Testers, Snygress, 2004. 7.Stuart McClure, Joel Scambray, George Kurtz, Hacking Exposed, 5 th edition, McGraw-Hill, 2003. 8.Ed Skoudis, Counter Hack Reloaded, Prentice Hall, 2006.