Presentation is loading. Please wait.

Presentation is loading. Please wait.

IT 463 – Scanning Assignment Shane Knisley Erik Bennett.

Published bySamson Booth Modified over 8 years ago

Similar presentations

Presentation on theme: "IT 463 – Scanning Assignment Shane Knisley Erik Bennett."— Presentation transcript:

1 IT 463 – Scanning Assignment Shane Knisley Erik Bennett

2 Scanners Used X-Scan Retina Nessus GFI-LanGuard

3 Domain Scanned 129.138.6.1 - 129.138.6.255 CS Domain

4 Problems Finding a fifth scanner Most of the others are not supported anymore SARA, could not get the UNIX GUI to work, so could not run the SARA program. Attempted to obtain other scanners on scanners list but unsuccessful Scanning the wireless network first (As directed by CS department Systems Analyst). No success with Metasploit. GFI has limitation on number of computers. Got a KeyGen for Retina (finally)‏ Network is dynamic, computer there today, not there tomorrow.

5 X-Scan 43 computers found 15 machines with reported vulnerabilities. 22 total vulnerabilities Most common Vulnerability was: snmp (161/udp) Password "public“ (11)‏ #2 :tcp - MS Task Scheduler (13852) (2)‏ The other 8 were specific to 1 machine each.

6 Nessus Scanned a day after X-scan 54 machines found. 13 Machines had 36 Warnings 4 Machines had 8 Holes Holes include:  1. missing patches (H)‏  2. epmap (135/udp) 11890 (L)‏  3. H: microsoft-ds (445/tcp) 12209, 11835, 19407, 18502 (L)‏  4. Radius (L)‏

7 Nessus Cont’d Warning: (36)‏ Most Common  snmp (161/udp) 10800, 10551, 10264 (5 machines)‏  osu-nms (192/udp) 20345 (4 machines)‏  ultima-online-game (5009/tcp), 11620 (4 machines)‏  general/icmp 11197 (4 machines)‏  commplex-main (5000/tcp) 11765 (3 machines)‏

8 GFI -LanGuard 25 Machines scanned due to limitation. 122 High Vulnerabilities 4 Medium Vulnerabilities 72 Low Vulnerabilities # 1 High Vulnerability is:  POP3 server might be vulnerable to a remote buffer over flow exploit (21 machines)‏  129.138.6.27 & 129.138.6.86 had the highest severity with several backdoors.

9 LanGuard Continued

10 Retina 46 Vulnerable Machines found 208 Vulnerabilities 79 High Risk 57 Medium Risk 72 Low Risk

11 Retina Distribution

12 Metasploit Most Machines had Open Ports & Several services running, including telnet. We did get into a machine running FTP with no root password. Otherwise, NO SUCCESS AT ALL.  Some had connections with machines.  Did not get any payloads run.

13 Metasploit Examined scanner reports and SANS Top 20 descriptions Noted most common vulnerabilities and mapped to SANS Examined exploits and mapped to SANS vulnerabilities linked to common vulnerabilities Repeated for critical vulnerabilities

14 San Top 20 Did not find anything that mapped directly to the CVE numbers listed for the San’s Top 20

15 Conclusion Most common vulnerability had to due with snmp. Most critical were the backdoors found in on a couple of machines.

Download ppt "IT 463 – Scanning Assignment Shane Knisley Erik Bennett."

Similar presentations

By Bruce Ellis Western Governors University. Demonstrate the need for updating information systems Build security awareness Inform management of the risk.

By Bruce Ellis Western Governors University. Demonstrate the need for updating information systems Build security awareness Inform management of the risk.
Part 2 Penetration Testing. Review 2-minute exercise: RECON ONLY Find 3x IP addresses at the U.S. Merchant Marine Academy Google: “U.S. Merchant Marine.

Part 2 Penetration Testing. Review 2-minute exercise: RECON ONLY Find 3x IP addresses at the U.S. Merchant Marine Academy Google: “U.S. Merchant Marine.
 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,

 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,
Network Attached Shell: N.A.S.ty Systems That Store Network Accessible Shells Jacob Holcomb Security Analyst Independent Security Evaluators.

Network Attached Shell: N.A.S.ty Systems That Store Network Accessible Shells Jacob Holcomb Security Analyst Independent Security Evaluators.
Vulnerability Analysis Borrowed from the CLICS group.

Vulnerability Analysis Borrowed from the CLICS group.
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
Intruder Trends Tom Longstaff CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 Sponsored by.

Intruder Trends Tom Longstaff CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by.
VULNERABILITY SCANNERS By Ranga Roy Chowdary koduru Raveesh Chilakapati.

VULNERABILITY SCANNERS By Ranga Roy Chowdary koduru Raveesh Chilakapati.
Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003.

Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003.
Assessing Vulnerabilities ISA 4220 Server Systems Security James A. Edge Jr., CISSP, CISM, CISA, CPTE, MCSE Sr. Security Analyst Cincinnati Bell Technology.

Assessing Vulnerabilities ISA 4220 Server Systems Security James A. Edge Jr., CISSP, CISM, CISA, CPTE, MCSE Sr. Security Analyst Cincinnati Bell Technology.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
1 GFI LANguard Network Security Scanner. 2 Contents Introduction Features Source & Installation Testing environment Results Conclusion.

1 GFI LANguard Network Security Scanner. 2 Contents Introduction Features Source & Installation Testing environment Results Conclusion.
Team BAM! Scott Amack, Everett Bloch, Maxine Major.

Team BAM! Scott Amack, Everett Bloch, Maxine Major.
IST 228\Ch3\IP Addressing1 TCP/IP and DoD Model (TCP/IP Model)

IST 228\Ch3\IP Addressing1 TCP/IP and DoD Model (TCP/IP Model)
Dennis  Application Security Specialist  WhiteHat Security  Full-Time Student  University of Houston – Main Campus ▪ Computer.

Dennis  Application Security Specialist  WhiteHat Security  Full-Time Student  University of Houston – Main Campus ▪ Computer.
4/13/2010.  CSS Meeting  Stephen Crane on Programming Contests  1pm  Building 8 room 345 05/11/10.

4/13/2010.  CSS Meeting  Stephen Crane on Programming Contests  1pm  Building 8 room /11/10.
1 GFI LANguard N.S.S VS NeWT Security Scanner Presented by:Li,Guorui.

1 GFI LANguard N.S.S VS NeWT Security Scanner Presented by:Li,Guorui.
Copyright © 2002 ProsoftTraining. All rights reserved. Operating System Security.

Copyright © 2002 ProsoftTraining. All rights reserved. Operating System Security.
1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.

1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.
1 Nessus - NASL Marmagna Desai [592- Project]. 2 Agenda Introduction –Nessus –Nessus Attack Scripting Language [ N A S L] Features –Nessus –NASL Testing.

1 Nessus - NASL Marmagna Desai [592- Project]. 2 Agenda Introduction –Nessus –Nessus Attack Scripting Language [ N A S L] Features –Nessus –NASL Testing.

Similar presentations

Ads by Google