VULN SCANNING - PowerPoint PPT Presentation

vuln scanning n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
VULN SCANNING PowerPoint Presentation
Download Presentation
VULN SCANNING

play fullscreen
1 / 12
VULN SCANNING
119 Views
Download Presentation
chakra
Download Presentation

VULN SCANNING

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. VULN SCANNING BCIS 4630 Fundamentals of IT Security Dr. Andy Wu

  2. Overview • Nessus • Architecture • Plugins • Reporting

  3. Vulnerability Scanning • Scans the target for potential problems that yield the target vulnerable to attacks: • Unpatched OS • Outdated applications • Unsecure accounts • Misconfigurations • Etc. • Nessus is a market leader in vulnerability scanning. • Major contenders include SATAN, SAINT, Retina, etc.

  4. Nessus Architecture

  5. Nessus Architecture • Client-server architecture. • The program is in fact installed on the Nessus server. • Includes a large number of plug-ins. • Each plugin is a source of vulnerability. • Well organized and tied to industry vulnerability databases. • Plugins are organized into “families”. • A policy controls which vulnerabilities to load (scanning for those vulnarabilities).

  6. Nessus Server • The server component receives scanning requests from the client and performs the actual scan. • Runs as a service. • The managed port number is 8834. • Maintains a list of user accounts. • A user account is required for scanning. • Two types of accounts: admin and regular.

  7. Nessus Client • Connects to the server to perform the scan. • Typical thin-client (browser) application. • SSL connection to the server. • Can create its own, “private” scanning policies, or use “shared” policies” created by the administrator.

  8. Scan Settings

  9. Reporting Capabilities • Dynamic, context-driven, tabbed views in Web browser • Overview, executive summary reports • Detailed reports by port numbers/vulnerability IDs • Exported to HTML or rich-text formats

  10. Reporting Capabilities

  11. Password Guessing Script

  12. Credentials File