
1 CSCI 530L Vulnerability Assessment

2
- Process of identifying vulnerabilities that exist in a computer system
- Has many similarities to risk assessment
- Four main steps
  - Cataloging assets and capabilities (resources) in a system
  - Assigning quantifiable value and importance to the resources
  - Identifying the vulnerabilities or potential threats to each resource
  - Mitigating or eliminating the most serious vulnerabilities for the most valuable resources

3 Penetration Testing
- Method of evaluating the security of a system by simulating a hacker attack
- Penetration Test and Vulnerability Assessment are different
  - In a vulnerability assessment, we identify the weaknesses, but do not exploit them
- Tools for a penetration test
  - Metasploit
  - Exploit Tree

4 Network-wide vulnerability assessment
- Identify all the resources in the network
- Assign a criticality rating
  - For example, a rating between 1 and 10, with 10 having a high criticality (such as a Domain Controller) and 1 having a low criticality (a rarely used workstation)
- Identify the threats to the resources
  - Start with the most critical resources and work your way down to the least critical systems
- Start eliminating threats to the systems
  - Patching, closing ports, removing services, uninstalling programs, etc.
  - Start with the most critical systems and work your way downwards
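
The ordering rule on slide 4, worked through as an added example (not part of the original slides): findings are queued by the criticality of the host first, and by finding severity only within a host. The host names, ratings, findings and the 1-10 severity scale are constructed assumptions; findings on hosts missing from the inventory are returned separately because they cannot be ranked until the cataloguing step covers them.

```python
# Added example: remediation queue ordered as slide 4 describes.
# All hosts, ratings and findings below are constructed sample data.
from collections import defaultdict

ASSETS = {            # host -> criticality rating, 1 (low) to 10 (high)
    "dc01": 10,       # Domain Controller
    "web01": 7,
    "ws-042": 1,      # rarely used workstation
}

FINDINGS = [          # (host, issue, severity 1-10; the scale is an assumption)
    ("ws-042", "outdated browser plug-in", 8),
    ("dc01", "unneeded service listening", 5),
    ("web01", "missing OS patch", 9),
    ("dc01", "missing OS patch", 9),
    ("printer-3", "default admin password", 9),   # host not in ASSETS
]

def validate(assets):
    """Reject ratings outside the 1-10 scale used on the slide."""
    bad = {h: r for h, r in assets.items() if not 1 <= r <= 10}
    if bad:
        raise ValueError(f"criticality out of range: {bad}")

def remediation_queue(assets, findings):
    """Return (queue, uncatalogued).

    queue: findings on catalogued hosts, most critical host first,
    then most severe finding first within a host.
    uncatalogued: findings on hosts missing from the inventory.
    """
    validate(assets)
    by_host, uncatalogued = defaultdict(list), []
    for host, issue, severity in findings:
        target = by_host[host] if host in assets else uncatalogued
        target.append((host, issue, severity))
    queue = []
    for host in sorted(by_host, key=lambda h: (-assets[h], h)):
        queue.extend(sorted(by_host[host], key=lambda f: -f[2]))
    return queue, uncatalogued

if __name__ == "__main__":
    queue, unknown = remediation_queue(ASSETS, FINDINGS)
    for host, issue, sev in queue:
        print(f"crit={ASSETS[host]:>2} sev={sev} {host}: {issue}")
    for host, issue, sev in unknown:
        print(f"UNCATALOGUED {host}: {issue} (sev={sev})")
```

Note that the severity-5 finding on the Domain Controller is queued ahead of the severity-8 finding on the workstation, which is the difference between ranking by asset criticality and ranking by scanner severity alone.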

5 Single-system vulnerability assessment
- Two different approaches
- Attempt to figure out all the vulnerabilities yourself
  - Very difficult to do effectively unless you have complete knowledge of that particular operating system
  - Use a combination of common hacking tools and hacking techniques
  - If you are a good hacker and know a lot about operating systems, this method will potentially bring out more vulnerabilities of the system
- Use a vulnerability scanner
  - Easier to use a tool to get a report of a particular system
  - Subject to false positives
  - Must be used by an expert in security, because otherwise the report generated is useless

6 Nessus
- The open-source vulnerability assessment tool
- Most security experts consider it more powerful than even commercial software
- Uses plug-ins for vulnerability assessment
  - Has up-to-date vulnerability exploits to scan
- Has a scripting language called Nessus Attack Scripting Language (NASL), so if you find a vulnerability, you can write a script for Nessus to scan for that particular vulnerability
- Can scan secure protocols, like SSL
- Can scan multiple computers, generating one report for all systems on a network
- Mature: it's been around since 1998

7 Nessus Components
- Server
  - Nessusd
  - Used to be Linux only, but the company recently released Nessus version 3, which has a Windows server version
  - Listens on ports for Nessus clients to connect to it
- Client
  - Nessus
  - Windows and Linux versions
  - Connects to the server for certificates and plug-ins
- Scans are run BY THE SERVER; the client configures how the scans are to be run

8 How we are going to use Nessus
- Backtrack Linux live CD
  - Boots Linux off of the CD and loads the tools into RAM
  - Specialized for vulnerability assessment and penetration testing
- Nessus is already configured for us on Backtrack
  - Load up the CD, load the Nessus daemon, and start scanning

