Presentation is loading. Please wait.

Presentation is loading. Please wait.

Project 2. Introduction Network Vulnerability Assessment “A review of a system of systems to identify weaknesses or errors in design, implementation,

Published byMarilynn Lewis Modified over 9 years ago

Similar presentations

Presentation on theme: "Project 2. Introduction Network Vulnerability Assessment “A review of a system of systems to identify weaknesses or errors in design, implementation,"— Presentation transcript:

1 Project 2

2 Introduction Network Vulnerability Assessment “A review of a system of systems to identify weaknesses or errors in design, implementation, or operation.”

3 Security Space Security Audit Security scanning service. It requires little or no knowledge or skill to set up and run. Platforms – Windows – Linux – Unix – Macintosh – Web servers – Database products. (Almost anything that can be remotely tested).

4 Advantages (claimed) An external view of your network. Getting an external view of your network usually involves getting access to a machine on the outside of your network for the purpose of running your scan. The cost of setting up and maintaining this type of access can often be more than the cost of this service alone. Reproducible. As an audit mechanism, Security Audits are a low cost, reproducible audit that can be run whenever you need. Low effort Setting up and configuring a vulnerability scanner for proper operation can be time-consuming. Always up to date By using a service, you automatically receive the latest vulnerability tests without having to install them into your own scanner

5 Different Services They offer four different types of service. – Standard Service. – Advanced Service. – Dedicated Service. – Recurring Service.

6 Standard Service The service scans more than 1500 ports (0-1024 and other service ports). The test can be set to start at time of convenience for the user. For monthly or annual subscription unlimited IP allocated for the user can be scanned unlimited times. The user can also purchase additional channels. Usually one channel is allocated to each user which mean a bandwidth of 50kbps. If the user wants to get more bandwidth it can be bought.

7 Advanced Service The service scans more than 65535 ports. The test can be set to start at time of convenience for the user. For monthly or annual subscription unlimited IP allocated for the user can be scanned unlimited times. It scan 256 IPs with one request for category or any test the user desires in the same network and the results will be shown in the same report. The user can also purchase additional channels. If the user wants to get more bandwidth it can be bought.

8 Dedicated Service Designed for large scale networks, can run 50 audits simultaneously (50 channels) per dedicated server. Servers can be leased weekly or monthly, without long term commitments. The user can audit unlimited IPs (providing the IP is yours, or allocated for your own use). Can run unlimited number of audits. The reports include detailed and comprehensive information on vulnerabilities and remedies. The reports can also be able merges into a single report, for comparison or summary

9 Recurring Service Performs a port scan of all 65,535 port of an IP for open ports and possible trojans. Can schedule audits to be launched automatically at selected times. The report provides detailed and comprehensive information on vulnerabilities and remedies. May use up your quota of audits as quickly or as slowly as you choose. May carry over unused audits (if any) from one year to the next

10 Comparison

11 Report Contents Risk Classification Summary Risk Classification Summary Baseline Comparison Control Baseline Comparison Control Comparative Security Rating Comparative Security Rating Vulnerability Category Summary Vulnerability Category Summary Vulnerability Title Summary Vulnerability Title Summary Vulnerability Details Vulnerability Details Open Ports Open Ports Complete Report Order Form Complete Report Order Form Appendix A: Risk Definitions Appendix A: Risk Definitions Appendix B: CVE Versioning Appendix B: CVE Versioning Appendix C: List of Tests Executed Appendix C: List of Tests Executed

12 Conclusion to SecuritySpace Security Audit For smaller organizations, Security scan is a means of convenience and no capital expenditure. Security scans of some kind should be part of any well- designed security maintenance plan. Disadvantages – Too many false positives (according to comments of various security experts). Since it is paid for the user would like the reports to be efficient. – If the system contains confidential information then it is not a very good idea to store the reports of vulnerability in someone else’s server.

13 SAINT5 (Security Administrator's Integrated Network Tool) SAINT™ screens every live system on a network for TCP and UDP services. For each service it finds running, it launches a set of probes designed to detect anything. When vulnerabilities are detected. SAINT vulnerability scanner categorizes the results in several ways, and creates a report specified by the user and also recommends fixes.

14 Diagram

15 Requirements. Operating systems: – SunOS 5.6/Solaris 2.6 or higher (Sun Sparc) – HP-UX 10.20 or higher – Linux 2.2 or higher (x86) – FreeBSD (x86) – OpenBSD (x86) – MacOS X Disk space – 10 MB for SAINT Memory – 256 MB (minimum) Other software tools required – PERL 5.004 or higher.

16 Features  Target Selection  Target File  Subnet Expansion  Data Preservation  Starting the Scan  Interactive Control Panel  Resuming an Interrupted Scan  Firewall Option  Windows Domain Authentication  Scan Levels – Discovery – Light – Normal – Heavy – Heavy Plus – Top 20 – Custom

17 Firewall Option For scanning targets which are behind a firewall from a system which is not behind the firewall, then choose the Firewall Support option. This option will cause SAINT to use TCP instead of ICMP for discovering live targets, and to adjust port scan settings to optimize performance through the firewall.

18 Windows Domain Authentication While some vulnerabilities on Microsoft Windows systems can be detected by an unprivileged scan, others, such as missing hot fixes and service packs, require administrative privileges on the target. In order to conduct a thorough scan of Windows targets, SAINT gives you the option of authenticating to the domain in order to detect these types of vulnerabilities.

19 Scan Levels Scan level can be of different intensity. – Discovery Hosts which are alive and reports their IP addresses. – Light SAINT collects information from the DNS (Domain Name System), tries to identify the operating system, and tries to establish what RPC (Remote Procedure Call) services the host offers and what file systems it shares via the network. – Normal This level includes all of the Light scan probes, and also includes probes for the presence of common network services

20 Scan Levels (cont.) – Heavy At this level, SAINT will check for services listening on any TCP and UDP port. (with the exception of ports which are known to cause certain software to crash when scanned) Any services detected will then be scanned for any known vulnerabilities. – Heavy Plus This scanning level is the same as heavy except that it does not attempt to avoid ports which are known to cause certain software to crash – Top 20 This is a special scanning level designed specifically to detect vulnerabilities which are among the SANS Top 20 Most Critical Internet Security Vulnerabilities – Custom This scanning level allows the user to run any combination of SAINT probes. Which of the user-defined scan levels to use is selected from the pull-down menu.

21 Pricing.

22 Conclusion to SAINT5 You can configure this tool extensively, tailoring scans to your network’s characteristics and determining the depth of the scans you run. SAINT has a very efficient way of presenting the report. The installation procedure is very easy. Conveniently, SAINT 5 can be configured to log on to Microsoft Windows domains— simply by using an administrative user name and password—to perform tests that require domain authentication. Disadvantages – Within reports there’s no query feature or grouping function that would help the user zero in on certain problems. – Quickly become overwhelming, especially if scanning larger networks.

23 Security Audit V.S SAINT. Price is definitely a factor. Secuirty Audit is available at just below $1000 (dedicated server) while SAINT while cost a shade below $3000. SAINT is runs specific scans as introduced by the user. While Security Audit is more general. SAINT provides more privacy than Security Audit since the reports are with the user. Security Audit is hassle free. And more convenient for small businesses and home user. While SAINT is built with the picture to maintain of large network in mind. Security Audit makes the maintenance easier and cheap, since no need to hire a in-house security expert (if situation permits it). SAINT offers technical support for a fee. SAINT provides a SAINTwriter to edit and present reports in different forms (e.g. executive form etc). Security Audit provides an external view of the system. While to get external view by using SAINT might prove expensive (setting up and maintaining the external machine). SAINT cannot be set up in a windows machine. While Security Audit does not need to be set up.

24 SOURCES http://www.saintcorporation.com http://www.securityspace.com www.pcmag.com http://specials.cramsession.com/s/promos/Security_Watch/Security_Watch_LP_2_2.htm http://www.esecurityplanet.com/trends/print.php/10751_1475291 http://www.nwc.com/1201/1201f1b1.html Security space (E-Soft Inc) 2025 Guelph Line Burlington, ON L7P 4X4 Phone:(905) 331-2260 Fax:(905) 331-2504 Toll-free:(800) 799 4831Email:general@securityspace.comgeneral@securityspace.com SAINT Corporation SAINT Corporation 4720 Montgomery Lane Suite 800 Bethesda, MD 20814 Phone: (301) 656-0521 or 1-(800) 596-2006 Fax: (301) 656-4806

25 Questions KAZI NASIM FAISAL 100659146 PICTURE TAKEN FROM:http://www.haverhillpl.org/images/question001.jpg

Download ppt "Project 2. Introduction Network Vulnerability Assessment “A review of a system of systems to identify weaknesses or errors in design, implementation,"

Similar presentations

WSUS Presented by: Nada Abdullah Ahmed.

WSUS Presented by: Nada Abdullah Ahmed.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
Server-Side vs. Client-Side Scripting Languages

Server-Side vs. Client-Side Scripting Languages
Network Security Testing Techniques Presented By:- Sachin Vador.

Network Security Testing Techniques Presented By:- Sachin Vador.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.
Beth Johnson April 27, 1998. What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.

Beth Johnson April 27, What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
1 Presentation ISS Security Scanner & Retina by Adnan Khairi 100183586.

1 Presentation ISS Security Scanner & Retina by Adnan Khairi
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
1 Chapter Overview Introduction to Windows XP Professional Printing Setting Up Network Printers Connecting to Network Printers Configuring Network Printers.

1 Chapter Overview Introduction to Windows XP Professional Printing Setting Up Network Printers Connecting to Network Printers Configuring Network Printers.
S ELECTION OF WEB HOST AND WEB PAGE SYSTEM. W EB HOST stores all the pages of your website and makes them available to computers connected to the Internet.

S ELECTION OF WEB HOST AND WEB PAGE SYSTEM. W EB HOST stores all the pages of your website and makes them available to computers connected to the Internet.
WebCCTV 1 Contents Introduction Getting Started Connecting the WebCCTV NVR to a local network Connecting the WebCCTV NVR to the Internet Restoring the.

WebCCTV 1 Contents Introduction Getting Started Connecting the WebCCTV NVR to a local network Connecting the WebCCTV NVR to the Internet Restoring the.
16.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 16: Examining Software Update.

16.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 16: Examining Software Update.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 12: Managing and Implementing Backups and Disaster Recovery.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 12: Managing and Implementing Backups and Disaster Recovery.
Security Audit Tools Project. CT 395 IT Security I Professor Igbeare Summer Quarter 2009 August 25, 2009.

Security Audit Tools Project. CT 395 IT Security I Professor Igbeare Summer Quarter 2009 August 25, 2009.
Ch 11 Managing System Reliability and Availability 1.

Ch 11 Managing System Reliability and Availability 1.

Similar presentations

Ads by Google