
VULN SCANNING - PowerPoint PPT Presentation



VULN SCANNING. BCIS 4630 Fundamentals of IT Security. Dr. Andy Wu. Overview: Nessus (architecture, plugins, reporting). Vulnerability scanning: scans the target for potential problems that leave the target vulnerable to attacks: unpatched OS, outdated applications, insecure accounts

PowerPoint Slideshow about ' VULN SCANNING' - leighton-ace


Presentation Transcript

VULN SCANNING

BCIS 4630 Fundamentals of IT Security

Dr. Andy Wu


Overview

  • Nessus

    • Architecture

    • Plugins

    • Reporting


Vulnerability Scanning

  • Scans the target for potential problems that leave the target vulnerable to attacks:

    • Unpatched OS

    • Outdated applications

    • Insecure accounts

    • Misconfigurations

    • Etc.

  • Nessus is a market leader in vulnerability scanning.

  • Major contenders include SATAN, SAINT, Retina, etc.


Nessus Architecture

  • Client-server architecture.

    • The program is in fact installed on the Nessus server.

  • Includes a large number of plug-ins.

    • Each plugin is a source of vulnerability checks.

    • Well organized and tied to industry vulnerability databases.

  • Plugins are organized into “families”.

  • A policy controls which vulnerability checks are loaded, that is, which vulnerabilities are scanned for.


Nessus Server

  • The server component receives scanning requests from the client and performs the actual scan.

  • Runs as a service.

  • The management port number is 8834.

  • Maintains a list of user accounts.

    • A user account is required for scanning.

    • Two types of accounts: admin and regular.


Nessus Client

  • Connects to the server to perform the scan.

  • Typical thin-client (browser) application.

  • SSL connection to the server.

  • Can create its own “private” scanning policies, or use “shared” policies created by the administrator.



Reporting Capabilities

  • Dynamic, context-driven, tabbed views in Web browser

  • Overview, executive summary reports

  • Detailed reports by port numbers/vulnerability IDs

  • Exported to HTML or rich-text formats
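
The by-port and by-vulnerability-ID views listed above can be rebuilt from an exported report for triage outside the browser. The following is an added example, not part of the original slides: it assumes the report was exported in the `.nessus` (v2) XML format, which the slides do not mention, and every host, plugin ID and plugin name in the sample is constructed.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample in the .nessus v2 layout (hosts, ports and plugin IDs are made up).
SAMPLE = """<NessusClientData_v2>
 <Report name="constructed-demo">
  <ReportHost name="192.0.2.10">
   <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="3" pluginID="900001" pluginName="Constructed: missing OS patch" pluginFamily="Windows"/>
   <ReportItem port="80" svc_name="www" protocol="tcp" severity="2" pluginID="900002" pluginName="Constructed: outdated web server" pluginFamily="Web Servers"/>
   <ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="900003" pluginName="Constructed: scan information" pluginFamily="Settings"/>
  </ReportHost>
  <ReportHost name="192.0.2.20">
   <ReportItem port="80" svc_name="www" protocol="tcp" severity="2" pluginID="900002" pluginName="Constructed: outdated web server" pluginFamily="Web Servers"/>
   <ReportItem port="22" svc_name="ssh" protocol="tcp" severity="x" pluginID="900004" pluginName="Constructed: malformed severity" pluginFamily="Misc."/>
  </ReportHost>
 </Report>
</NessusClientData_v2>"""

def load_findings(xml_text, min_severity=1):
    """Return one dict per finding at or above min_severity (0 = informational)."""
    # For report files from an untrusted source, parse with the third-party
    # defusedxml package instead of the standard-library parser.
    findings = []
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            try:
                sev, port = int(item.get("severity", "")), int(item.get("port", ""))
            except ValueError:
                continue  # skip items whose severity or port is missing or malformed
            if sev >= min_severity:
                findings.append({"host": host.get("name"), "port": port,
                                 "proto": item.get("protocol"), "severity": sev,
                                 "plugin_id": item.get("pluginID"),
                                 "name": item.get("pluginName"),
                                 "family": item.get("pluginFamily")})
    return findings

def by_port(findings):
    """Map (port, protocol) to the sorted list of affected hosts."""
    ports = defaultdict(set)
    for f in findings:
        ports[(f["port"], f["proto"])].add(f["host"])
    return {key: sorted(hosts) for key, hosts in sorted(ports.items())}

def by_plugin(findings):
    """Map plugin ID to its name, family, severity and affected hosts."""
    plugins = {}
    for f in findings:
        entry = plugins.setdefault(f["plugin_id"], {"name": f["name"],
                "family": f["family"], "severity": f["severity"], "hosts": []})
        entry["hosts"].append(f["host"])
    return plugins
```
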




