Presentation is loading. Please wait.

Presentation is loading. Please wait.

Foundstone Scanner User Training.

Published byAyana Baye Modified over 9 years ago

Similar presentations

Presentation on theme: "Foundstone Scanner User Training."— Presentation transcript:

1 Foundstone Scanner User Training

2 Observation There are few (if any) funny cartoons about network vulnerability scanning

3 Observation There are few (if any) funny cartoons about network vulnerability scanning … so make fun of Powerpoint

4 Why scan? Know what the Bad Guys (as well as students and other interested parties) see when they look at your machines Identify machines you are responsible for that managed to avoid your best attempts to patch them Interesting Factoid: A recent campus scan identified over 50 machines that were vulnerable to Conficker because of a missing patch Address audit points from our last audit

5 Scanner Info Foundstone FS-1000 appliance Accessed via web browser
Licensed for 2500 addresses Currently has over 500 addresses from the border exemption database No interior firewall addresses at this point

6 The Plan Allow colleges/departments to scan their own machines, reduces dependency on ITSO and better utilizes the FS-1000 Individuals identified from each of the major constituent groups (colleges, auxiliaries, departments) ITSO will provide FS-1000 credentials to designated users

7 Using the FS-1000 scanner Use Internet Explorer to connect to: FS does not support Firefox. Sorry, *nix folks. Don’t know about Safari. May need to allow pop-ups and javascript from the FS-1000. Portions of the FS-1000 written in java run on the client.

8 Let’s get started https://eclipse.sdsu.edu Organization: sdsu
Credentials as assigned

9 Security 101: Change your password! (1)
Menu Bar: Manage >> Users/Groups

10 Security 101: Change your password! (2)
Select Run if you get a Java version alert about earlier version required Drill down in the tree to your workgroup and user object Open your user object Set a new password (letters, digits, special characters) DO NOT CHECK LOCKED!

11 Create a new scan (1) Menu Bar: Scans >> New Scan
Start with a template, select “Use a Foundstone template”

12 Create a new scan (2) Choose the SDSU General Purpose template
Covers most systems on campus, non-intrusive

13 Create a new scan (3) IP Selection box uses java, choose Run if you get the Earlier Version alert Name your scan Add IP addresses from your assigned address pool Next>> or Settings

14 Create a new scan (4) May not need to change anything
Can select or deselect entire platform Intrusive is not selected, know what you’re doing before using it Next>> or Reports

15 Create a new scan (5) Other Settings
Hosts: Ports that FS uses to determine whether a host exists Services: Ports that FS uses when searching for known services Credentials: Used for Shell scans and most Windows scans Web Module: Can look for various web security issues Optimize: Modify engine settings Web Modules Source Sifting Analyzes Web pages for database connection strings, hidden form fields, and other potential security problems. Smart GuessWork Exposes sensitive files, archives, and directories as well as default web server configurations. SQL Security Analysis Identifies SQL query validation failures. Source Code Disclosure Detects when Web application source code can be anonymously revealed. Web Auth Analysis Discovers weak usernames and passwords (easily guessed or default user accounts). (Basic, NTLM, or Digest)

16 Create a new scan (6) Remediation Tickets are not implemented, uncheck
Use Internal Scan unless you know that only border-exposed ports will be scanned Recommend: PDF (downloadable), HTML (downloadable and viewable online) Next>> or Scheduler

17 Create a new scan (7) Choose One Time or Recurring
Active must be checked in order to run the scan. Inactive scans will be saved, but can’t be run. OK finishes the Scan creation process. Will see “The Scan was successfully saved.” on the Dashboard

18 Deep Cleansing Breath We have a scan, now what?

19 Tech Support Tip

20 Start or Edit an existing scan
Menu Bar: Scans >> Edit Scans Important Safety Tip: Delete removes all associated reports and vulnerability data Click Activate to start a saved scan

21 Edit a scan Editing is nearly the same as creating a new scan.
Can’t change the name of a scan.

22 Monitoring scan progress (1)
Menu Bar: Scans >> Scan Status

23 Monitoring scan progress (2)
Status does not auto-refresh, use the Refresh button Often seems to hang at 50% - be patient

24 Let’s see the results (1)
Menu Bar: Reports >> View Reports

25 Let’s see the results (2)
Shows the report engine progress 75% always seems to take a looooong time, not just WPS (Watched Pot Syndrome)

26 Let’s see the results (3)
Whoops, where’d the report go???

27 Let’s see the results (4)
View Report only available if HTML was selected on the Reports tab of the Scan definition Clicking the download links will download a zip archive. Explode it and drill down to the top level (report.pdf or report.html) Click “Scan Reports” and it shows up View Report (HTML only) and Download icons for selected formats (downloads can be slow)

28 The Report (1) New IE window New IE window
Make it readable by Tools >> Text Size >> Medium New IE window

29 The Report (2) In IE, View >> Text Size >> Medium

30 The Report (3) Access the various sections of the report via the Report Pages menu

31 </powerpoint> <humor class=‘random geek bad’>
<demo class=‘foundstone live’ />

Download ppt "Foundstone Scanner User Training."

Similar presentations

B: STUDENT DRIVE MOVE INSTRUCTIONS. Using Internet Explorer: From your computers desktop, double click on the Internet Explorer icon. (Internet Explorer.

B: STUDENT DRIVE MOVE INSTRUCTIONS. Using Internet Explorer: From your computers desktop, double click on the Internet Explorer icon. (Internet Explorer.
Create a Web Site with Publisher 2000 for Marilyn Seguins Class.

Create a Web Site with Publisher 2000 for Marilyn Seguins Class.
Hello, my name is Abacus Owl! Ill be popping in throughout the presentation today to see how things are going. Welcome! Please have a seat and login to.

Hello, my name is Abacus Owl! Ill be popping in throughout the presentation today to see how things are going. Welcome! Please have a seat and login to.
Microsoft TM SharePoint Content Management SystemTutorial By Mazen Abdallah Student Assistant at CNS 2010.

Microsoft TM SharePoint Content Management SystemTutorial By Mazen Abdallah Student Assistant at CNS 2010.
USING WORDPRESS. WEEK 1 1.Why WP? 2.Setting Up WP 3.Exploring the Admin screen 4.Page Organization 5.Posting 6.Polls.

USING WORDPRESS. WEEK 1 1.Why WP? 2.Setting Up WP 3.Exploring the Admin screen 4.Page Organization 5.Posting 6.Polls.
Garland Library Online Orientation. Introduction  This portion of the Online orientation is intended to help library users gain the basic knowledge and.

Garland Library Online Orientation. Introduction  This portion of the Online orientation is intended to help library users gain the basic knowledge and.
February 2014.  Remove Version 7.5 from your computer  Install NSTAR Version 10  Create the model and server connections.

February  Remove Version 7.5 from your computer  Install NSTAR Version 10  Create the model and server connections.
GALVESTON COUNTY, TX P-CARD TRAINING GALVESTON COUNTY.

GALVESTON COUNTY, TX P-CARD TRAINING GALVESTON COUNTY.
DSL-2730B, DSL-2740B, DSL-2750B.

DSL-2730B, DSL-2740B, DSL-2750B.
DKJ. Logging On 1.Open Firefox. If Firefox is not installed on the machine download and install it. 2.If the screen does not look like the screen above.

DKJ. Logging On 1.Open Firefox. If Firefox is not installed on the machine download and install it. 2.If the screen does not look like the screen above.
SmartCall™ SMS SmartCall SMS by HME Wireless is a great tool to manage your patient workflow through your facility. Using the SmartCall SMS system, staff.

SmartCall™ SMS SmartCall SMS by HME Wireless is a great tool to manage your patient workflow through your facility. Using the SmartCall SMS system, staff.
Medicaid Alternative Benefit Plans (ABP) Processing

Medicaid Alternative Benefit Plans (ABP) Processing
Introduction to Online Data Collection (OLDC) Community Based Abstinence Education September, 2009.

Introduction to Online Data Collection (OLDC) Community Based Abstinence Education September, 2009.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
Garland Library Online Orientation. Introduction  This portion of the Online orientation is intended to help library users gain the basic knowledge and.

Garland Library Online Orientation. Introduction  This portion of the Online orientation is intended to help library users gain the basic knowledge and.
XP Information Technology Center - KFUPM1 Microsoft Office FrontPage 2003 Creating a Web Site.

XP Information Technology Center - KFUPM1 Microsoft Office FrontPage 2003 Creating a Web Site.
SmartCall™ Messenger Account Setup

SmartCall™ Messenger Account Setup
DVG-N5402SP.

DVG-N5402SP.
DHP-306AV & DHP-W306AV. Agenda: How to change Encryption on a DHP-306AV How to change the Device Password on a DHP-306AV What will happen if the Device.

DHP-306AV & DHP-W306AV. Agenda: How to change Encryption on a DHP-306AV How to change the Device Password on a DHP-306AV What will happen if the Device.
South Dakota Library Network MetaLib Management Basics IP Ranges / Proxy Servers South Dakota Library Network 1200 University, Unit 9672 Spearfish, SD.

South Dakota Library Network MetaLib Management Basics IP Ranges / Proxy Servers South Dakota Library Network 1200 University, Unit 9672 Spearfish, SD.

Similar presentations

Ads by Google