Network Vulnerability Scanning - PowerPoint PPT Presentation

Loading...

PPT – Network Vulnerability Scanning PowerPoint presentation | free to download - id: 78578b-MzM0N



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Network Vulnerability Scanning

Description:

Network Vulnerability Scanning Xiaozhen Xue Dept. of Computer Science Texas Tech University, USA xiaozhen.xue_at_ttu.edu Akbar Siami Namin Dept. of Computer Science – PowerPoint PPT presentation

Number of Views:71
Avg rating:3.0/5.0
Slides: 21
Provided by: Akb59
Learn more at: http://www.depts.ttu.edu
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Network Vulnerability Scanning


1
Network Vulnerability Scanning
Xiaozhen Xue Dept. of Computer Science Texas Tech University, USA xiaozhen.xue_at_ttu.edu Akbar Siami Namin Dept. of Computer Science Texas Tech University, USA akbar.namin_at_ttu.edu
Summer Cyber-Security Workshop, Lubbock, July
2014
2
Need for Vulnerability Management
  • Sources of Vulnerabilities
  • Programming errors
  • Unintentional mistakes or intentional malware in
    General Public License software
  • Improper system configurations
  • Mobile users sidestepping perimeter security
    controls
  • Rising attacks through viewing popular websites
  • Vulnerabilities on a network are GOLD to cyber
    criminals
  • Provide unauthorized entry to networks
  • Can expose confidential information, fuel stolen
    identities, violate privacy laws, or paralyse
    operations
  • Exposure is extreme for networks with vulnerable
    devices connected by IP

Summer Cyber-Security Workshop, Lubbock, July
2014
3
Need for Vulnerability Management
  • Attack Trends
  • Increased professionalism and commercialization
    of malicious activities
  • Threats that are increasingly tailored for
    specific regions
  • Increasing numbers of multistaged attacks
  • Attackers targeting victims by first exploiting
    trusted entities
  • Shift from Hacking for Fame to Hacking for
    Fortune
  • Despite utilization of basic defenses, network
    security breaches abound
  • TJX exposed 46M records
  • DSW exposed 1.4M records
  • CardSystems exposed 40M records
  • 215M reported record exposures since 2005
    (actual is significantly higher)
  • Automation is Crucial
  • Manual detection and remediation workflow is too
    slow, too expensive and ineffective

Summer Cyber-Security Workshop, Lubbock, July
2014
4
Need for Vulnerability Management
  • Challenges IT Security Face
  • NOT enough TIME, PEOPLE, BUDGET
  • Prioritization of efforts for minimize business
    risks and protecting critical assets. We cant
    fix all problems - what can we live with?
  • Adapting to accelerating change in sophistication
    of attacks.
  • Did we learn our lessons?
  • Most vulnerabilities are long known before
    exploited
  • Successful exploitation of vulnerabilities can
    cause substantial damage and financial loss
  • A few vulnerable systems can disrupt the whole
    network
  • System misconfiguration can make systems
    vulnerable

Summer Cyber-Security Workshop, Lubbock, July
2014
5
Vulnerability Management
Vulnerability Scanning
1. DISCOVERY (Mapping)
2. ASSET PRIORITISATION (and allocation)
6. VERIFICATION (Rescanning)
3. ASSESSMENT (Scanning)
5. REMEDIATION (Treating Risks)
4. REPORTING (Technical and Executive)
Summer Cyber-Security Workshop, Lubbock, July
2014
6
Mapping
Vulnerability Scanning
  • Mapping
  • Gives hackers eye view of you network
  • Enables the detection of rogue devices

Summer Cyber-Security Workshop, Lubbock, July
2014
7
Prioritisation
Vulnerability Scanning
  • Asset Prioritisation
  • Some assets are more critical to business than
    others
  • Criticality depends of business impact

Summer Cyber-Security Workshop, Lubbock, July
2014
8
Vulnerability Scanning
  • Scanning
  • takes an outside-in and inside-in approach to
    security, emulating the attack route of a hacker
  • tests effectiveness of security policy and
    controls by examining network infrastructure for
    vulnerabilities

Summer Cyber-Security Workshop, Lubbock, July
2014
9
Vulnerability scanners
Vulnerability Scanning
  • Vulnerability scanners are automated tools that
    scan hosts and networks for known vulnerabilities
    and weaknesses

Summer Cyber-Security Workshop, Lubbock, July
2014
10
How Vulnerability Scanners Work
Vulnerability Scanning
GUI

Results
Summer Cyber-Security Workshop, Lubbock, July
2014
11
Vulnerability scanners
Vulnerability Scanning
  • Similar to virus scanning software
  • Contain a database of vulnerability signatures
    that the tool searches for on a target system
  • Cannot find vulnerabilities not in the database
  • New vulnerabilities are discovered often
  • Vulnerability database must be updated regularly

Summer Cyber-Security Workshop, Lubbock, July
2014
12
Typical Vulnerabilities Checked
Vulnerability Scanning
  • Network vulnerabilities
  • Host-based (OS) vulnerabilities
  • Misconfigured file permissions
  • Open services
  • Missing patches
  • Vulnerabilities in commonly exploited
    applications (e.g. Web, DNS, and mail servers)

Summer Cyber-Security Workshop, Lubbock, July
2014
13
Vulnerability Scanners - Benefits
Vulnerability Scanning
  • Very good at checking for hundreds (or thousands)
    of potential problems quickly
  • Automated
  • Regularly
  • May catch mistakes/oversights by the system or
    network administrator
  • Defense in depth

Summer Cyber-Security Workshop, Lubbock, July
2014
14
Vulnerability Scanners - Drawbacks
Vulnerability Scanning
  • Report potential vulnerabilities
  • Only as good as the vulnerability database
  • Can cause complacency
  • Cannot match the skill of a talented attacker
  • Can cause self-inflicted wounds

Summer Cyber-Security Workshop, Lubbock, July
2014
15
Vulnerability Scanners tools
  • Port scanner (Nmap, Nessus)
  • Network enumerator
  • Network vulnerability scanner (BoomScan)
  • Web application security scanner
  • Database security scanner
  • Host based vulnerability scanner (Lynis, ovaldi,
    SecPod Saner)
  • ERP security scanner
  • Computer worm

16
Summary
Vulnerability Scanning
  • Vulnerability scanners are automated tools that
    scan hosts and networks for known vulnerabilities
    and weaknesses
  • Used by defenders to automatically check for many
    known problems
  • Used by attackers to prepare for and plan attacks

Summer Cyber-Security Workshop, Lubbock, July
2014
17
Vulnerability Scanners tools
comprehensive vulnerability scanner which is
developed by Tenable Network Security.
18
Vulnerability Scanners tools
Port scanner (Nmap)
19
Qualys
  • https//freescan.qualys.com/freescan-front/

Summer Cyber-Security Workshop, Lubbock, July
2014
20
Qualys
  • http//lhs.lubbockisd.org

Summer Cyber-Security Workshop, Lubbock, July
2014
About PowerShow.com