
Vulnerability Assessment: Steps to a More Secure Network

Securing Your Network. Fethi Amara – Email: famara@gulfcomputers.com. Vulnerability Assessment: Steps to a More Secure Network. Gulf Computers Professional Services. Provider of multivendor, data network consulting services. Reference list in the region includes:


Presentation Transcript


  1. Securing Your Network Fethi Amara – Email: famara@gulfcomputers.com Vulnerability Assessment: Steps to a More Secure Network

  2. Gulf Computers Professional Services • Provider of multivendor, data network consulting services • Reference list in the region includes: • Standard Chartered Bank (Dubai) • Emirates Airlines / DNATA Group of Companies (Dubai) • Sharjah Municipality (Sharjah) • Town Planning Department (Abu Dhabi) • Civil Defense (Abu Dhabi) • GEC Marconi (Abu Dhabi) • Ericsson (Oman) • Sultan Qaboos University (Oman) • Oman Refinery Company (Oman) • Occidental (Dubai and Qatar) • QAFCO (Qatar) • Abdul Latif Jameel (Saudi Arabia) • etc.

  3. The Twenty Most Critical Internet Security Vulnerabilities • The SANS Institute www.sans.org (SysAdmin, Audit, Network, Security) • The NIPC www.nipc.gov (National Infrastructure Protection Center) • The FBI www.fbi.gov

  4. Top 10 Vulnerabilities to Windows Systems • Internet Information Services (IIS) • Microsoft Data Access Components (MDAC) -- Remote Data Services • Microsoft SQL Server • NETBIOS -- Unprotected Windows Networking Shares • Anonymous Logon -- Null Sessions • LAN Manager Authentication -- Weak LM Hashing • General Windows Authentication -- Accounts with No Passwords or Weak Passwords • Internet Explorer • Remote Registry Access • Windows Scripting Host

  5. Top 10 Vulnerabilities to Unix Systems • Remote Procedure Calls (RPC) • Apache Web Server • Secure Shell (SSH) • Simple Network Management Protocol (SNMP) • File Transfer Protocol (FTP) • R-Services -- Trust Relationships • Line Printer Daemon (LPD) • Sendmail • BIND/DNS • General Unix Authentication -- Accounts with No Passwords or Weak Passwords

  6. The 7 Top Management Errors that Lead to Computer Security Vulnerabilities • Number Seven: Pretend the problem will go away if they ignore it. • Number Six: Authorize reactive, short-term fixes so problems re-emerge rapidly. • Number Five: Fail to realize how much money their information and organizational reputations are worth. • Number Four: Rely primarily on a firewall.

  7. The 7 Top Management Errors that Lead to Computer Security Vulnerabilities • Number Three: Fail to deal with the operational aspects of security: make a few fixes and then not allow the follow-through necessary to ensure the problems stay fixed. • Number Two: Fail to understand the relationship of information security to the business problem -- they understand physical security but do not see the consequences of poor information security. • Number One: Assign untrained people to maintain security and provide neither the training nor the time to make it possible to do the job.

  8. Number of Vulnerabilities and incidents reported (According to www.cert.org) • Incidents reported in 2000-2003 • Vulnerabilities reported in 2000-2003

  9. The Virus Problem: major catastrophes • 45 million e-mail users worldwide affected by LoveBug (Computer Economics, May 2000) • LoveBug cost companies an estimated US$10 billion • Dell stopped production for five days due to FunLove • 32,000 copies of Melissa hit one company in 45 minutes • No one is safe • Microsoft, FBI, Houses of Parliament, Barclays, BT • Lost productivity, but also loss of reputation

  10. The LoveBug world spread: First 24 hours

  11. Vulnerability Scanning Definition • Testing for areas that allow unauthorized access to networks, systems, and applications • From outside enterprise • From internal sources

  12. Frequency and Damage of Security Threats/Attacks

  13. Vulnerability Sources • Networks • Firewalls • Devices, e.g., routers, switches • Systems • Servers • Operating system services • Applications • Configuration problems • Design flaws

  14. Why Conduct Vulnerability Scans? • Obvious • Find vulnerabilities • Not so obvious • Test intrusion detection • Test incident response • Test managed security provider • IDS is no substitute • Speed of attack problem, HoneyNet Project • Limited scope

  15. Vulnerability Targets • Permissible systems • All access points including • Wireless • Dial-up • VPNs

  16. Vulnerability Scan Steps • Multiple scanners for different targets • Firewalls • Web servers • Wireless network • Lotus Notes • Novell Netware • Many more • Attack signature database • Must be updatable • Identifies potential vulnerabilities • False positives expected

  17. Scanner Characteristics • Specialization - specific target • Number of tests - multiple targets • Reporting • Fix information • False positives • Other features, e.g., client/server

  18. Open Source vs. Commercial Scanners • Open Source • Pros: Free; Frequent updates; More vulnerabilities; Can be customized • Cons: Limited support; Lots of false positives; Linux expertise needed • Examples: Nessus, Sara • Commercial • Pros: Easy to install/operate; Enhanced report generation; Fully supported • Cons: Cost can be high; Cost of support • Examples: Cybercop, ISS

  19. How Long Does it Take? • It depends • Number of subnets • Number of hosts • Blocks in place • UDP • Firewalls play dead mode • Thoroughness

  20. Conducting the Scan • Arrange time for scan • Delay start to avoid scapegoating • Special scan for potential trouble systems • Be available 24x7

  21. Data Analysis • Challenges • Lots of false positives • Meaningful data not always easy to identify • Know your audience • Severity classification • Department focus • Reporting results • Common Vulnerabilities and Exposures (CVE)

  22. Report Styles

  23. Hidden Benefits • Study how security is implemented • Find unknown hosts • Learn about change control process • Good basis for a security policy if one doesn't exist • Policy enforcement

  24. The Bottom Line • Scan for vulnerabilities in networks, systems & applications • Choose the right target and matching scanner(s) • Conduct scan in defined timeframe • Sift data for relevancy

  25. Gulf Computers Professional Security Services • Evaluation • Penetration testing, assessment, audit, vulnerability analysis • Strategic • Incident response, programs, policies, training • Technical • PKI, VPNs, Firewalls, IDS, AAA integration, PDIO

  26. Question and Answer
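
Added example (not part of the original presentation): one way to carry out the data analysis described in slides 16, 21 and 23, merging findings from several scanners by host and CVE, classifying severity, marking single-scanner results for false-positive review, and grouping by department. The scanner names, field names, inventory, and the "two scanners agree" heuristic are assumptions; the CVE ids are placeholders and the hosts are constructed.

```python
from collections import defaultdict

# Constructed sample findings from two hypothetical scanners.
# CVE ids are placeholders; hosts use the 192.0.2.0/24 documentation range.
FINDINGS = [
    {"scanner": "scanner_a", "host": "192.0.2.10", "cve": "CVE-PLACEHOLDER-0001", "severity": "medium"},
    {"scanner": "scanner_b", "host": "192.0.2.10", "cve": "CVE-PLACEHOLDER-0001", "severity": "high"},
    {"scanner": "scanner_a", "host": "192.0.2.20", "cve": "CVE-PLACEHOLDER-0002", "severity": "low"},
    {"scanner": "scanner_b", "host": "192.0.2.99", "cve": "CVE-PLACEHOLDER-0003", "severity": "high"},
    {"scanner": "scanner_a", "host": "192.0.2.10", "cve": "CVE-PLACEHOLDER-0002", "severity": "low"},
]
# Hypothetical asset inventory: host -> owning department.
OWNERS = {"192.0.2.10": "Web", "192.0.2.20": "Finance"}
SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3}

def triage(findings, owners):
    """Merge per-scanner findings into one record per (host, CVE)."""
    merged = {}
    for f in findings:
        key = (f["host"], f["cve"])
        rec = merged.setdefault(key, {"host": f["host"], "cve": f["cve"],
                                      "scanners": set(), "severity": "low"})
        rec["scanners"].add(f["scanner"])
        # Keep the highest severity any scanner assigned.
        if SEVERITY_RANK[f["severity"]] > SEVERITY_RANK[rec["severity"]]:
            rec["severity"] = f["severity"]
    for rec in merged.values():
        # Assumed heuristic: a finding seen by only one scanner is a
        # false-positive candidate and goes to manual verification.
        rec["status"] = "corroborated" if len(rec["scanners"]) > 1 else "verify"
        # Hosts missing from the inventory are the "unknown hosts" of slide 23.
        rec["department"] = owners.get(rec["host"], "UNKNOWN HOST")
    return merged

def report_by_department(merged):
    """Group merged findings per department, most severe first."""
    report = defaultdict(list)
    for rec in merged.values():
        report[rec["department"]].append(rec)
    for recs in report.values():
        recs.sort(key=lambda r: (-SEVERITY_RANK[r["severity"]], r["host"], r["cve"]))
    return dict(report)

if __name__ == "__main__":
    for dept, recs in report_by_department(triage(FINDINGS, OWNERS)).items():
        for r in recs:
            print(dept, r["host"], r["cve"], r["severity"], r["status"])
```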
