Download presentation
Presentation is loading. Please wait.
Published byAmanda Bishop Modified over 9 years ago
1
© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Sponsored by the U.S. Department of Defense
2
© 2001 by Carnegie Mellon University SS5 -2 Vulnerability Evaluation Topics Terminology Vulnerability tools Vulnerability reports Strategies for conducting vulnerability evaluations
3
© 2001 by Carnegie Mellon University SS5 -3 Terminology Technology vulnerability weakness in a system that can directly lead to unauthorized action Exploit process of using a technology vulnerability to violate security policy
4
© 2001 by Carnegie Mellon University SS5 -4 Vulnerability Tools Vulnerability tools identify known weaknesses in technology misconfigurations of ‘well known’ administrative functions, such as -file permissions on certain files -accounts with null passwords what an attacker can determine about your systems and networks
5
© 2001 by Carnegie Mellon University SS5 -5 What Vulnerability Tools Identify Physical Security Information Technology Security Staff Security Operational Practice Areas System and Network Management Monitoring and Auditing IT Security Authentication and Authorization Encryption Vulnerability Management System Administration Tools Security Architecture and Design Incident Management General Staff Practices Physical Security Plans and Procedures Physical Access Control Monitoring and Auditing Physical Security
6
© 2001 by Carnegie Mellon University SS5 -6 What Vulnerability Identification Tools Do Not Identify Misapplied or improper system administration (users, accounts, configuration settings) Unknown vulnerabilities in operating systems, services, applications, and infrastructure Incorrect adoption or implementation of organizational procedures
7
© 2001 by Carnegie Mellon University SS5 -7 Vulnerability Evaluation Tools Operating system scanners Network infrastructure scanners Specialty, targeted, and hybrid scanners Checklists Scripts
8
© 2001 by Carnegie Mellon University SS5 -8 Operating System Scanners Operating system scanners target specific operating systems, including Windows NT/2000 Sun Solaris Red Hat Linux Apple Mac OS
9
© 2001 by Carnegie Mellon University SS5 -9 Network Infrastructure Scanners Network infrastructure scanners target the network infrastructure components, including routers and intelligent switches DNS servers firewall systems intrusion detection systems
10
© 2001 by Carnegie Mellon University SS5 -10 Specialty, Targeted, and Hybrid Scanners Specialty, targeted, and hybrid scanners target a range of services, applications, and operating system functions, including web servers (CGI, JAVA) database applications registry information (Windows NT/2000) weak password storage and authentication services
11
© 2001 by Carnegie Mellon University SS5 -11 Checklists Checklists provide the same functionality as automated tools. Checklists are manual, not automated. Checklists require a consistent review of the items being checked and must be routinely updated
12
© 2001 by Carnegie Mellon University SS5 -12 Scripts Scripts provide the same functionality as automated tools but they usually have a singular function. The more items you test, the more scripts you’ll need. Scripts requires a consistent review of the items being checked and must be routinely updated.
13
© 2001 by Carnegie Mellon University SS5 -13 Vulnerability Tool Reports Vulnerability reports usually provide: identification and ranking of the severity of technological weaknesses found mitigation and corrective steps to eliminate vulnerabilities Determine what information you require, and then match your requirements to the report(s) provided by the tool(s).
14
© 2001 by Carnegie Mellon University SS5 -14 Sample Report
15
© 2001 by Carnegie Mellon University SS5 -15 Other Report Data
16
© 2001 by Carnegie Mellon University SS5 -16 Scoping Vulnerability Evaluations You need to scope a vulnerability evaluation. Two approaches are examining every component of your computing infrastructure over a defined period of time (comprehensive vulnerability evaluation) grouping similar components into categories and examining selected components from each category (targeted vulnerability evaluation)
17
© 2001 by Carnegie Mellon University SS5 -17 Targeted Vulnerability Evaluation Strategies Strategies for targeted vulnerability evaluations include grouping similar components into categories. Categories can include how components are used the primary operators of components classes of components
18
© 2001 by Carnegie Mellon University SS5 -18 OCTAVE Phase 2 Strategy Phase 2 of OCTAVE is a targeted vulnerability evaluation. Key classes of components are identified by considering how critical assets are stored processed transmitted
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.