Vuln scanning
VULN SCANNING. BCIS 4630 Fundamentals of IT Security. Dr. Andy Wu. Overview: Nessus (architecture, plugins, reporting). Vulnerability scanning: scans the target for potential problems that leave the target vulnerable to attacks: unpatched OS, outdated applications, insecure accounts


Presentation Transcript


VULN SCANNING

BCIS 4630 Fundamentals of IT Security

Dr. Andy Wu


Overview

  • Nessus

    • Architecture

    • Plugins

    • Reporting


Vulnerability Scanning

  • Scans the target for potential problems that leave the target vulnerable to attacks:

    • Unpatched OS

    • Outdated applications

    • Insecure accounts

    • Misconfigurations

    • Etc.

  • Nessus is a market leader in vulnerability scanning.

  • Major contenders include SATAN, SAINT, Retina, etc.


Nessus Architecture

  • Client-server architecture.

    • The program is in fact installed on the Nessus server.

  • Includes a large number of plug-ins.

    • Each plugin corresponds to a vulnerability check.

    • Well organized and tied to industry vulnerability databases.

  • Plugins are organized into “families”.

  • A policy controls which vulnerabilities to load (that is, which vulnerabilities to scan for).


Nessus Server

  • The server component receives scanning requests from the client and performs the actual scan.

  • Runs as a service.

  • The managed port number is 8834.

  • Maintains a list of user accounts.

    • A user account is required for scanning.

    • Two types of accounts: admin and regular.


Nessus Client

  • Connects to the server to perform the scan.

  • Typical thin-client (browser) application.

  • SSL connection to the server.

  • Can create its own “private” scanning policies, or use “shared” policies created by the administrator.


Scan Settings


Reporting Capabilities

  • Dynamic, context-driven, tabbed views in Web browser

  • Overview, executive summary reports

  • Detailed reports by port numbers/vulnerability IDs

  • Exported to HTML or rich-text formats
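
The by-port and by-vulnerability-ID views listed above can also be rebuilt offline from a scan export, which helps when results must be triaged outside the browser. This is an added example, not part of the original slides: it assumes a scan exported in Nessus's .nessus v2 XML format (which the slides do not mention), and the sample report, hosts and plugin IDs are constructed.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample in the .nessus v2 layout; hosts, plugin IDs and names are made up.
SAMPLE = """<NessusClientData_v2><Report name="constructed-example">
<ReportHost name="192.0.2.10">
<ReportItem port="445" protocol="tcp" severity="3" pluginID="900001" pluginFamily="Windows" pluginName="Constructed: unpatched OS"/>
<ReportItem port="80" protocol="tcp" severity="2" pluginID="900002" pluginFamily="Web Servers" pluginName="Constructed: outdated application"/>
<ReportItem port="0" protocol="tcp" severity="0" pluginID="900003" pluginFamily="General" pluginName="Constructed: informational"/>
</ReportHost>
<ReportHost name="192.0.2.20">
<ReportItem port="80" protocol="tcp" severity="2" pluginID="900002" pluginFamily="Web Servers" pluginName="Constructed: outdated application"/>
<ReportItem port="22" protocol="tcp" severity="4" pluginID="900004" pluginFamily="Default Unix Accounts" pluginName="Constructed: insecure account"/>
</ReportHost>
</Report></NessusClientData_v2>"""

SEVERITY = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

def load_findings(xml_text, min_severity=1):
    """Flatten every ReportItem at or above min_severity into a dict."""
    # Parse only exports from your own scanner; use defusedxml for untrusted files.
    findings = []
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            sev = int(item.get("severity", "0"))
            if sev >= min_severity:
                findings.append(dict(item.attrib, host=host.get("name"), severity=sev))
    return findings

def by_port(findings):
    """Report by port number: (port, protocol) -> hosts with a finding on it."""
    view = defaultdict(set)
    for f in findings:
        view[(int(f["port"]), f["protocol"])].add(f["host"])
    return {k: sorted(v) for k, v in sorted(view.items())}

def by_plugin(findings):
    """Report by vulnerability (plugin) ID, most severe first."""
    view = defaultdict(set)
    for f in findings:
        view[(f["severity"], f["pluginID"], f["pluginFamily"])].add(f["host"])
    return [(pid, SEVERITY[sev], fam, sorted(hosts))
            for (sev, pid, fam), hosts in sorted(view.items(), reverse=True)]

if __name__ == "__main__":
    found = load_findings(SAMPLE)
    print(by_port(found))
    for row in by_plugin(found):
        print(row)
```
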


Password Guessing Script


Credentials File


  • Login