IT 463 – Scanning Assignment Shane Knisley Erik Bennett.


Scanners Used
- X-Scan
- Retina
- Nessus
- GFI-LanGuard

Domain Scanned
- CS Domain

Problems
- Finding a fifth scanner
- Most of the others are not supported anymore
- SARA, could not get the UNIX GUI to work, so could not run the SARA program.
- Attempted to obtain other scanners on scanners list but unsuccessful
- Scanning the wireless network first (As directed by CS department Systems Analyst).
- No success with Metasploit.
- GFI has limitation on number of computers.
- Got a KeyGen for Retina (finally)
- Network is dynamic, computer there today, not there tomorrow.

X-Scan
- 43 computers found
- 15 machines with reported vulnerabilities.
- 22 total vulnerabilities
- Most common vulnerability was: snmp (161/udp) Password "public" (11)
- #2: tcp - MS Task Scheduler (13852) (2)
- The other 8 were specific to 1 machine each.

Nessus
- Scanned a day after X-Scan
- 54 machines found.
- 13 machines had 36 Warnings
- 4 machines had 8 Holes
- Holes include:
  1. missing patches (H)
  2. epmap (135/udp) (L)
  3. H: microsoft-ds (445/tcp) 12209, 11835, 19407, (L)
  4. Radius (L)

Nessus Cont'd
- Warning: (36)
- Most Common
  - snmp (161/udp) 10800, 10551, (5 machines)
  - osu-nms (192/udp) (4 machines)
  - ultima-online-game (5009/tcp), (4 machines)
  - general/icmp (4 machines)
  - commplex-main (5000/tcp) (3 machines)

GFI-LanGuard
- 25 machines scanned due to limitation.
- 122 High Vulnerabilities
- 4 Medium Vulnerabilities
- 72 Low Vulnerabilities
- #1 High Vulnerability is:
  - POP3 server might be vulnerable to a remote buffer overflow exploit (21 machines)
  - & had the highest severity with several backdoors.

LanGuard Continued

Retina
- 46 Vulnerable Machines found
- 208 Vulnerabilities
- 79 High Risk
- 57 Medium Risk
- 72 Low Risk

Retina Distribution

Metasploit
- Most machines had open ports & several services running, including telnet.
- We did get into a machine running FTP with no root password.
- Otherwise, NO SUCCESS AT ALL.
  - Some had connections with machines.
  - Did not get any payloads run.

Metasploit
- Examined scanner reports and SANS Top 20 descriptions
- Noted most common vulnerabilities and mapped to SANS
- Examined exploits and mapped to SANS vulnerabilities linked to common vulnerabilities
- Repeated for critical vulnerabilities

SANS Top 20
- Did not find anything that mapped directly to the CVE numbers listed for the SANS Top 20

Conclusion
- Most common vulnerability had to do with snmp.
- Most critical were the backdoors found on a couple of machines.