VULN SCANNING. BCIS 4630 Fundamentals of IT Security. Dr. Andy Wu. Overview. Nessus Architecture Plugins Reporting. Vulnerability Scanning. Scans the target for potential problems that yield the target vulnerable to attacks: Unpatched OS Outdated applications Unsecure accounts
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
VULN SCANNING BCIS 4630 Fundamentals of IT Security Dr. Andy Wu
Overview • Nessus • Architecture • Plugins • Reporting
Vulnerability Scanning • Scans the target for potential problems that yield the target vulnerable to attacks: • Unpatched OS • Outdated applications • Unsecure accounts • Misconfigurations • Etc. • Nessus is a market leader in vulnerability scanning. • Major contenders include SATAN, SAINT, Retina, etc.
Nessus Architecture • Client-server architecture. • The program is in fact installed on the Nessus server. • Includes a large number of plug-ins. • Each plugin is a source of vulnerability. • Well organized and tied to industry vulnerability databases. • Plugins are organized into “families”. • A policy controls which vulnerabilities to load (scanning for those vulnarabilities).
Nessus Server • The server component receives scanning requests from the client and performs the actual scan. • Runs as a service. • The managed port number is 8834. • Maintains a list of user accounts. • A user account is required for scanning. • Two types of accounts: admin and regular.
Nessus Client • Connects to the server to perform the scan. • Typical thin-client (browser) application. • SSL connection to the server. • Can create its own, “private” scanning policies, or use “shared” policies” created by the administrator.
Reporting Capabilities • Dynamic, context-driven, tabbed views in Web browser • Overview, executive summary reports • Detailed reports by port numbers/vulnerability IDs • Exported to HTML or rich-text formats