Presentation is loading. Please wait.

Presentation is loading. Please wait.

Vulnerability Scan Assessment CS/IT 463 Bryan Dean Jonathan Ammons.

Published byKarin Christina Greene Modified over 8 years ago

Similar presentations

Presentation on theme: "Vulnerability Scan Assessment CS/IT 463 Bryan Dean Jonathan Ammons."— Presentation transcript:

1 Vulnerability Scan Assessment CS/IT 463 Bryan Dean Jonathan Ammons

2 Scanners Tenable Nessus Tenable Nessus GFI LANGuard GFI LANGuard Nmap Nmap eEye Retina 5 eEye Retina 5 Shadow Security Scanner Shadow Security Scanner

3 Network Scanned CS network, IP range 129.138.6.0-255 Scanned CS network, IP range 129.138.6.0-255 Scanners found between 30-47 hosts active Scanners found between 30-47 hosts active Low host count could be attributed to the timing of our scans, after 5 pm. Low host count could be attributed to the timing of our scans, after 5 pm.

4 Results All together, scanners found 87 vulnerabilities on scanned hosts All together, scanners found 87 vulnerabilities on scanned hosts Critical: 4, High: 40, Medium: 11, Low: 11 (Only one scanner gave the ‘critical’ rating) Critical: 4, High: 40, Medium: 11, Low: 11 (Only one scanner gave the ‘critical’ rating) Some vulnerabilities given different CVSS ratings by different scanners. Some vulnerabilities given different CVSS ratings by different scanners.

5 Analysis Methods Wrote unique parser in perl for each scanner’s output. Wrote unique parser in perl for each scanner’s output. Parse results were standardized. Parse results were standardized. Standardized results were consolidated using another perl script. Standardized results were consolidated using another perl script. Output to a comma delimited file. Output to a comma delimited file.

6 Majority Voting Looked for same vulnerability found by different scanners on same machine Looked for same vulnerability found by different scanners on same machine Only two vulnerabilities were identified by more then one scanner on the same machine. Only two vulnerabilities were identified by more then one scanner on the same machine.

7 Criticality Voting 4 critical vulnerabilities on 4 hosts. 4 critical vulnerabilities on 4 hosts. 40 high vulnerabilities on 25 hosts. 40 high vulnerabilities on 25 hosts. 11 medium vulnerabilities on 11 hosts. 11 medium vulnerabilities on 11 hosts. 32 low vulnerabilities on 32 hosts. 32 low vulnerabilities on 32 hosts.

8 SANS Top Twenty Created a list of 2006 SANS top twenty CVE codes. Created a list of 2006 SANS top twenty CVE codes. A script compared that list to our vulnerability found lists. A script compared that list to our vulnerability found lists. Only 1 vulnerability that we found was on the SANS top twenty: CVE-2006- 3439 Only 1 vulnerability that we found was on the SANS top twenty: CVE-2006- 3439

9 Metasploit Didn’t want to use Metasploit on the CS network. Didn’t want to use Metasploit on the CS network. Ran Nessus on our private network, then used that data to use Metasploit for most likely vulnerability. Ran Nessus on our private network, then used that data to use Metasploit for most likely vulnerability. Weren’t able to penetrate. Weren’t able to penetrate. Completely Manual. Completely Manual.

10 Discussion of Scanners Nessus and Retina gave CVE codes for vulnerabilities found Nessus and Retina gave CVE codes for vulnerabilities found Nessus, Retina, and GFI Languard gave Bugtraq codes for some vulnerabilties found Nessus, Retina, and GFI Languard gave Bugtraq codes for some vulnerabilties found NMap gave only port information, no real vulnerabilties NMap gave only port information, no real vulnerabilties Shadow Security Scanner didn’t give meangingful data. Shadow Security Scanner didn’t give meangingful data.

11 Final Process Scanner creates individual output file Scanner creates individual output file Scanner output is parsed into our own standardized format Scanner output is parsed into our own standardized format Parsed output from multiple scanners is consolidated by hand using Excel, then outputted to comma-deliminated file. Parsed output from multiple scanners is consolidated by hand using Excel, then outputted to comma-deliminated file. Final analysis (criticality, majority, and SANS top twenty) are performed by final scripts. Final analysis (criticality, majority, and SANS top twenty) are performed by final scripts.

12 Questions?

Download ppt "Vulnerability Scan Assessment CS/IT 463 Bryan Dean Jonathan Ammons."

Similar presentations

By Bruce Ellis Western Governors University. Demonstrate the need for updating information systems Build security awareness Inform management of the risk.

By Bruce Ellis Western Governors University. Demonstrate the need for updating information systems Build security awareness Inform management of the risk.
3D Tool Examples Dave Breslin (@ Tenable Discussions Forum)

3D Tool Examples Dave Breslin Tenable Discussions Forum)
Part 2 Penetration Testing. Review 2-minute exercise: RECON ONLY Find 3x IP addresses at the U.S. Merchant Marine Academy Google: “U.S. Merchant Marine.

Part 2 Penetration Testing. Review 2-minute exercise: RECON ONLY Find 3x IP addresses at the U.S. Merchant Marine Academy Google: “U.S. Merchant Marine.
Penetration Testing & Countermeasures Paul Fong & Cai Yu CS691 5 May 2003.

Penetration Testing & Countermeasures Paul Fong & Cai Yu CS691 5 May 2003.
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 5 Port Scanning.

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 5 Port Scanning.
SecurityCenter Reporting Nessus Scan Report. SecurityCenter Reports For customers who use Nessus for vulnerability scanning and then move to SecurityCenter,

SecurityCenter Reporting Nessus Scan Report. SecurityCenter Reports For customers who use Nessus for vulnerability scanning and then move to SecurityCenter,
Penetration Testing Anand Sudula, CISA,CISSP SSA Global Technologies, India Anand Sudula, CISA,CISSP SSA Global Technologies, India.

Penetration Testing Anand Sudula, CISA,CISSP SSA Global Technologies, India Anand Sudula, CISA,CISSP SSA Global Technologies, India.
Vulnerability Assessments with Nessus 3 Columbia Area LUG January 10 2007.

Vulnerability Assessments with Nessus 3 Columbia Area LUG January
Vulnerability Scanning at NU Robert Vance NUIT-Telecom & Network Services.

Vulnerability Scanning at NU Robert Vance NUIT-Telecom & Network Services.
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
VULNERABILITY SCANNERS By Ranga Roy Chowdary koduru Raveesh Chilakapati.

VULNERABILITY SCANNERS By Ranga Roy Chowdary koduru Raveesh Chilakapati.
Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003.

Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003.
Assessing Vulnerabilities ISA 4220 Server Systems Security James A. Edge Jr., CISSP, CISM, CISA, CPTE, MCSE Sr. Security Analyst Cincinnati Bell Technology.

Assessing Vulnerabilities ISA 4220 Server Systems Security James A. Edge Jr., CISSP, CISM, CISA, CPTE, MCSE Sr. Security Analyst Cincinnati Bell Technology.
Greg Williams. IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard.

Greg Williams. IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Greg Williams. IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard 12/5/2010Greg Williams CS591.

Greg Williams. IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard 12/5/2010Greg Williams CS591.
1 GFI LANguard Network Security Scanner. 2 Contents Introduction Features Source & Installation Testing environment Results Conclusion.

1 GFI LANguard Network Security Scanner. 2 Contents Introduction Features Source & Installation Testing environment Results Conclusion.
Www.more.net | University of Missouri Copyright ©2007 MOREnet and The Curators of the University of Missouri Statenet Security on the cheap and easy Beth.

| University of Missouri Copyright ©2007 MOREnet and The Curators of the University of Missouri Statenet Security on the cheap and easy Beth.
Vulnerability Types And How to Use Them.

Vulnerability Types And How to Use Them.
The Business of Penetration Testing

The Business of Penetration Testing

Similar presentations

Ads by Google