Presentation is loading. Please wait.

Presentation is loading. Please wait.

MIS 5211.001 Week 6 Site:

Published byKristian Golden Modified over 9 years ago

Similar presentations

Presentation on theme: "MIS 5211.001 Week 6 Site:"— Presentation transcript:

1 MIS 5211.001 Week 6 Site: http://community.mis.temple.edu/mis5211sec001f14/ http://community.mis.temple.edu/mis5211sec001f14/

2  Received the following note: MIS 5211.0012

3  News from ISC 2 and ASIS Conference  In the news  Nessus  Next Week 3MIS 5211.001

4  Submitted  http://defensesystems.com/articles/2014/08/15/dr ones-can-hack-wifi-networks.aspx http://defensesystems.com/articles/2014/08/15/dr ones-can-hack-wifi-networks.aspx  http://www.fool.com/investing/general/2014/09/ 28/home-depot-vs-target-diy-centers-data-breach- was-w.aspx http://www.fool.com/investing/general/2014/09/ 28/home-depot-vs-target-diy-centers-data-breach- was-w.aspx  http://www.scmagazine.com/reports-suggest- home-depot-was-hit-by-the-mozart- malware/article/373976/ http://www.scmagazine.com/reports-suggest- home-depot-was-hit-by-the-mozart- malware/article/373976/  http://www.forbes.com/sites/patrickmoorhead/20 14/09/29/hewlett-packard-designates-printing-a- first-class-iot-security-platform/ http://www.forbes.com/sites/patrickmoorhead/20 14/09/29/hewlett-packard-designates-printing-a- first-class-iot-security-platform/ 4MIS 5211.001

5  More  Bash  http://bits.blogs.nytimes.com/2014/09/26/companies -rush-to-fix-shellshock-software-bug-as-hackers- launch-thousands-of- attacks/?_php=true&_type=blogs&_r=0 http://bits.blogs.nytimes.com/2014/09/26/companies -rush-to-fix-shellshock-software-bug-as-hackers- launch-thousands-of- attacks/?_php=true&_type=blogs&_r=0  https://access.redhat.com/announcements/1210053 https://access.redhat.com/announcements/1210053  http://www.pcworld.com/article/2688932/improved- patch-tackles-new-shellshock-attack-vectors.html http://www.pcworld.com/article/2688932/improved- patch-tackles-new-shellshock-attack-vectors.html  http://www.itnews.com/exploits- vulnerabilities/84263/six-key-defenses-against- shellshock- attacks?source=ITNEWSNLE_nlt_itndaily_2014-09-30 http://www.itnews.com/exploits- vulnerabilities/84263/six-key-defenses-against- shellshock- attacks?source=ITNEWSNLE_nlt_itndaily_2014-09-30 MIS 5211.0015

6  More  http://www.joystiq.com/2014/09/30/hackers-charged- with-xbox-one-valve-call-of-duty-data-theft/ http://www.joystiq.com/2014/09/30/hackers-charged- with-xbox-one-valve-call-of-duty-data-theft/  http://www.ehackingnews.com/2014/09/data-breach- at-tripadvisors-viator.html http://www.ehackingnews.com/2014/09/data-breach- at-tripadvisors-viator.html  http://www.darkreading.com/application- security/how-a-major-bank-hacked-its-java- security/d/d-id/1316216? http://www.darkreading.com/application- security/how-a-major-bank-hacked-its-java- security/d/d-id/1316216?  http://www.waratek.com/Waratek/media/SiteMedia/ Documentation/DataSheet-Waratek-Application- Security-vs-3.pdf http://www.waratek.com/Waratek/media/SiteMedia/ Documentation/DataSheet-Waratek-Application- Security-vs-3.pdf  http://www.businessweek.com/news/2014-09- 29/supervalu-finds-separate-data-breach-in-computer- network http://www.businessweek.com/news/2014-09- 29/supervalu-finds-separate-data-breach-in-computer- network MIS 5211.0016

7  More  http://www.informationweek.com/cloud/software -as-a-service/amazon-reboots-cloud-servers-xen- bug-blamed/d/d-id/1316093 http://www.informationweek.com/cloud/software -as-a-service/amazon-reboots-cloud-servers-xen- bug-blamed/d/d-id/1316093 MIS 5211.0017

8  What I noted  http://arstechnica.com/apple/2014/09/apple- patches-shellshock-bash-bug-in-os-x-10-9-10-8-and- 10-7/ http://arstechnica.com/apple/2014/09/apple- patches-shellshock-bash-bug-in-os-x-10-9-10-8-and- 10-7/  https://threatpost.com/fbi-to-open-up-malware- investigator-portal-to-external-researchers/108590 https://threatpost.com/fbi-to-open-up-malware- investigator-portal-to-external-researchers/108590  http://www.dailydot.com/politics/tor-mozilla- firefox/ http://www.dailydot.com/politics/tor-mozilla- firefox/ MIS 5211.0018

9  Started in 1998 as an open source security scanning tool  Changed to a close sourced tool in 2005, but has remained “free” for personal use.  Surveys by sectools.org indicate Nessus remains the most popular vulnerability scanners  Not installed with Kali MIS 5211.0019

10  Four basic parts to the Nessus server:  Nessus-core  Nessus-libraries  Libnasl  Nessus-plugins MIS 5211.00110

11  Plugins are the scripts that perform the vulnerability tests.  NASL – This is the Nessus Attack Scripting Language which can be used to write your own plugins.

12  Hosts  Server.domain.edu  172.21.1.2  Subnet  192.168.100.0  Address range  192.168.1.1-192.168.1.10

13  Scanning methods:  Safe  Destructive  Service recognition – Will determine what service is actually running on a particular port.  Handle multiple services – Will test a service if it appears on more then one port.  Will test multiple systems at the same time.

14  Nessus will indicate the threat level for services or vulnerabilities it detects:  Critical  High  Medium  Low  Informational  Description of vulnerability  Risk factor  CVE number

15  CVE created by http://www.cve.mitre.org/http://www.cve.mitre.org/  Attempting to standardize the names for vulnerabilities.  CVE search engine at http://icat.nist.gov/

16 MIS 5211.00116

17 MIS 5211.00117 http://www.tenable.com/products/nessus/select-your-operating-system

18 MIS 5211.00118

19 MIS 5211.00119 https://store.tenable.com/index.php?main_page=index&cPath=2

20  Nessus is built on a classic client/server model.  The server portion may reside on a separate machine, or on the same machine as the client  The client is the interface that you will interact with to execute scans MIS 5211.00120

21  Download from Tenable Security  http://www.tenable.com/products/nessus/select- your-operating-system http://www.tenable.com/products/nessus/select- your-operating-system  Before installing, go to registration page and get the activation code  http://www.tenable.com/products/nessus-home http://www.tenable.com/products/nessus-home  Run the MSI package and follow the prompts  Install will also install PCAP and then take you to the registration page.  Enter activation code and follow the prompts to get updates and plugins MIS 5211.00121

22  Documentation for Nessus is available here:  http://static.tenable.com/documentation/nessus_4. 2_user_guide.pdf http://static.tenable.com/documentation/nessus_4. 2_user_guide.pdf  You will also get a link to this location during the install. MIS 5211.00122

23  You will need to turn off Anti-Virus and Firewall in order to get an effective scan or you will see this:  Before you do this, disconnect from any and all networks.  You will likely still get some blocking as AV doesn’t like to give up. MIS 5211.00123

24  Nessus is installed here: MIS 5211.00124

25  You should end up looking at web page hosted from your machine.  Book mark the page to save time getting back  URL will look like this:  https://localhost:8834/html5.html https://localhost:8834/html5.html MIS 5211.00125

26  When you first go to site, you will need to click on continue to the website.: MIS 5211.00126

27  Start MIS 5211.00127

28  Scans are based on policies, you will need to create that first. MIS 5211.00128

29  Next MIS 5211.00129

30 MIS 5211.00130

31 MIS 5211.00131

32 MIS 5211.00132

33 MIS 5211.00133

34  Once your scan has started you will see a status field like this: MIS 5211.00134

35  Once completed you will get the following notification: MIS 5211.00135

36 MIS 5211.00136

37 MIS 5211.00137

38 MIS 5211.00138

39  Important to note:  Also MIS 5211.00139

40  Note on criticality  The “Critical” risk factor is without any mitigating controls being taken in to account  Vulnerabilities need to be evaluated in context MIS 5211.00140

41  These results were obtained, even though Anti- Virus continued blocking multiple techniques.  Consider setting up a scanning machine without any AV or Host Firewall. MIS 5211.00141

42  In short order you will gather a large collection of scans  Use the built in folder system to move scans off of the main page MIS 5211.00142

43 MIS 5211.00143

44  The least significant vulnerabilities are classified as “Info” or informational.  These are often very useful in understanding details of the asset being scanned. MIS 5211.00144

45 MIS 5211.00145

46  Mid-Term  Will cover weeks 1-5. Will not include information from tonight  Questions will come from the presentation material  Exam will be multiple choice  NetCat Potentially  Batch Scripting MIS 5211.00146

47 ? MIS 5211.00147

Download ppt "MIS 5211.001 Week 6 Site:"

Similar presentations

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.

Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 5 Port Scanning.

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 5 Port Scanning.
AVG Internet Security 7.5 Product presentation.

AVG Internet Security 7.5 Product presentation.
How to avoid Viruses and Malware on your Computer Use a firewall Using a firewall is like locking the front door to your house—it helps keep intruders.

How to avoid Viruses and Malware on your Computer Use a firewall Using a firewall is like locking the front door to your house—it helps keep intruders.
Vulnerability Assessments with Nessus 3 Columbia Area LUG January 10 2007.

Vulnerability Assessments with Nessus 3 Columbia Area LUG January
Server-Side vs. Client-Side Scripting Languages

Server-Side vs. Client-Side Scripting Languages
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
Northwestern University Information Technology UNITS Quarterly Meeting April 29, 2004 Network Security Roger Safian

Northwestern University Information Technology UNITS Quarterly Meeting April 29, 2004 Network Security Roger Safian
Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003.

Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003.
MIS 5212.001 Week 3 Site:

MIS Week 3 Site:
A common error that appears on the copier’s screen is seen here when a scan to Sharpdesk is not sent to the computer successfully. This guide intends to.

A common error that appears on the copier’s screen is seen here when a scan to Sharpdesk is not sent to the computer successfully. This guide intends to.
Patching MIT SUS Services IS&T Network Infrastructure Services Team.

Patching MIT SUS Services IS&T Network Infrastructure Services Team.
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
SecurityCenter & Palo Alto Configuration Guide. About this Guide This guide provides an overview of how to get the most from Palo Alto firewalls when.

SecurityCenter & Palo Alto Configuration Guide. About this Guide This guide provides an overview of how to get the most from Palo Alto firewalls when.
269200 Web Programming Language Dr. Ken Cosh Week 1 (Introduction)

Web Programming Language Dr. Ken Cosh Week 1 (Introduction)
Technical Training: DIR-615

Technical Training: DIR-615
MIS 5211.001 Week 7 Site:

MIS Week 7 Site:
P6 - CONFIGURE THE SOFTWARE. CONFIGURE SOFTWARE Most software can be configured to suit an individual user, for example by changing the appearance of.

P6 - CONFIGURE THE SOFTWARE. CONFIGURE SOFTWARE Most software can be configured to suit an individual user, for example by changing the appearance of.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Similar presentations

Ads by Google