...Vulnerability Assessment Scan Using Nessus
CNT 4403
Anthony de Cardenas
Patricia McDermott-Wells

1. Zenmap GUI is a multi-platform application that provides advanced experience network mapping. It would be used by beginners to understand how the network functions. The software probes computer networks by sending packets and analyzes its responses. It is useful when you want to understand the system’s vulnerabilities or detect specific services running on the network.
2. When describing the risks and vulnerabilities of an information system, it has to start where security of data is compromised. Protecting the user names and passwords of a system is vital. When there are vulnerabilities, the system’s sensitive data is at risk. That is the reason you need to secure your information when transferred through the network.
3. The application that is used for Step 2 in the hacking process is Nessus.
4. If you are to conduct an ethical hacking, you have to make sure that you have the proper authorization. Without it, any probing could be considered malicious and would be subject to prosecution.
5. A CVE, or a Common Vulnerabilities & Exposure, is a list of all the known vulnerabilities in the system. They also provide a way to close or patch them up to limit the risk of security leaks. The CVE database is sponsored by the Mitre Corporation under the control of Homeland Security.
6. The Zenmap GUI can definitely detect the operating system on...
Words: 328 - Pages: 2
...Vulnerability labels a condition or a set of conditions that create a weakness in systems or networks that can potentially be manipulated. Think of vulnerability as the susceptibility of a system or network to be attacked and possibly damaged or disrupted. Vulnerabilities take many forms:
▪ Easily guessable logon passwords
▪ Poorly configured access controls
▪ Exploitable programming flaws
▪ Incorrect security implementations
▪ Non-exploitable disruptive design flaws, such as denial of service (DoS)
▪ Undocumented maintenance or debugging backdoors in software or systems
All of these problems and many others can exist simultaneously across numerous systems and devices. Threats, risks, and vulnerabilities negatively impact the confidentiality, integrity, and availability (CIA) triad. Confidentiality is breached when an attacker discloses private information, integrity is broken when an attacker modifies privileged data, and availability is ruined when an attacker successfully denies service to a mission-critical resource. The length of time these vulnerabilities are present creates a window of vulnerability (WoV), the period within which defensive measures are reduced, compromised, or lacking. The WoV covers a timeline from the moment a vulnerability is discovered and identified by the vendor. It also includes the time taken to create, publish, and finally apply a fix to the vulnerability. Problems arise as fixes can be disruptive to business...
Words: 276 - Pages: 2
...Window Of Vulnerability (WoV)
Window of Vulnerability (WoV) is calculated from the time the attack started to when the attack is found removed or fixed. In this case the attack was found but just referred to as the previous day and the detection was found by the server software. We will say that the attack was on a Monday morning. The software company will be releasing a patch for the attack in three days. We should receive the patch on Thursday then. When we get the patch we will need to install and test the patch, this will take generally according to the size of the computer and the # of end users any part of one week to complete the testing before putting it into production. Once the testing is done on all workgroups & end users devices the patch will need to be installed which is considered into production. The update will be company-wide to all machines that access the network. We will need to send out notification office wide via memo and/or email message to all employees. We should request that all end users leave the PCs or devices on so that we can remotely install the updates or for all of the end users that contain Windows 7 which most companies do have the upgrade from XP since it will soon be unsupported, you can use Microsoft Deployment Toolkit (MDT) to automate the update to reduce the Desktop support time & cost to do each and every machine. From the day we found the security hole to the time we fix the security hole, according to industry...
Words: 296 - Pages: 2
...The Window of Vulnerability
The window of vulnerability is a time frame within which defensive measures are reduced, compromised or lacking. When trying to calculate the window of vulnerability you need to look at at least 4 different things before being able to figure out the entire vulnerability. Those four things are discovery time, exploit time, disclosure time and patch time. Discovery time is when someone discovers that a product has security or survivability implications, the flaw then becomes vulnerable. Hopefully it was found before an attacker found the vulnerability and exploited it. Exploit time is the time between the discovery and the patch time. It is when most, if not all, attacks will occur on a network. When attackers find vulnerabilities they can break through the security relatively quickly, and if they are not stopped they can damage a network extremely. Disclosure time is when the discoverer reveals details of the problem to a wider audience. Disclosure time and exploit time can be occurring at the same time, it just depends on when the vulnerability was discovered and by whom. Patch time takes the longest because of all the code that needs to be fixed in order to close the vulnerability. Patches can take a few days to fix the problems or can take longer than 3 weeks, it all depends on how bad the vulnerability is and how badly the attackers want to get into the network. Even with patches and other fixes to networks there...
Words: 275 - Pages: 2
...2 Assignment 1: Calculate the Window of Vulnerability
A security breach has been identified in which the SMB server was accessed by an authorized user due to a security hole. The hole was detected by the server software manufacturer the day before. A new patch will be available in three days. However the LAN administrator needs at least a week to download the software, test it, and then install the patch. Based on this information, the window of vulnerability at the very least is eight days. A network worm called Spida was detected through the MS-SQL server software package. A default installation of MS-SQL was installed into Windows desktops in which each server did not have a password on the system account. This gave access to anyone on the network to run random commands. Spida configures a ‘guest’ account to allow file sharing and be able to upload itself to the target. It then creates copies of itself using the password-less account, therefore creating infection. This worm was not found until the day after installation and it will take three days to restore the network. The window of vulnerability of this situation is four days. A user opened an email that contained a virus and notified her manager. The manager then notified the IT department, and they immediately began to work at the problem. It took the IT team one day to resolve the issue and completely remove the virus and restore the network. The window of vulnerability was one day. Lastly, an employee who used...
Words: 319 - Pages: 2
...Joy Davis (15538292) Prof. Redd IT 255 Intro to ISS October 20, 2013 Unit 2 Assignment 1: Calculating the Window of Vulnerability WOV or Window of Vulnerability is the time it takes the attack to start all the way to when the attack is found and removed or fixed. As problems arise in IT infrastructure of an organization, providing a fix to the problem can disrupt daily operations and the time it takes between discovering the problem and patching it will leave a window open for an intruder to attack. Once that happens, it is officially a breach of security and any confidential information can be accessed and tampered with. In this particular case, the security breach has been identified and an unauthorized user accessed the SMB server due to an open window of time. The day before the attack, the server software manager detected a hole in security. On the day the hole was detected, it started the timeline of calculating the window of vulnerability. Day 0 is when the vulnerability was discovered. The software company will be releasing a patch however it will take three days to be available, thus adding to the timeline. We are now at day 4 when the LAN administrator communicates that we will need an additional week to download, test and install the patch when it arrives. The final timeframe from the point of discovery to the point that the patch is installed is roughly 11 days. Going further, the patch may need to be deployed companywide to all machines that access the network...
Words: 315 - Pages: 2
...Agnieszka Zajewska PHIL 3249 Professor Lucas 28 April 2015 When I first began to think about vulnerability at the beginning of our semester together, I was convinced that I had a good grasp on the word. As a class we read about the Tuskegee experiments and I knew with certainty that the people involved in these trials were a vulnerable population and had been taken advantage of. Before I was assigned the topic of vulnerability for my class presentation and dived into the readings, it seemed obvious that a clear and concise definition of who is, and is not, considered vulnerable in our population would be made all the more abundantly clear. It was my naive assumption that vulnerability was a science that came with a cohesive checklist....
Words: 2655 - Pages: 11
...When calculating the Window of Vulnerability (WoV), time is probably the most crucial aspect. Whenever you are dealing with the WoV there are four time periods that help any IT support personnel: Discovery Time, Disclosure Time, Exploit Time and Patch Time. The Exploit Time is the earliest that a malicious event of vulnerability takes place. Discovery Time is the earliest time that a vulnerability is found and/or known to cause a security risk; while the disclosure time is the period that makes security information available to the general public. The difference between these two time periods is what is called the Black Risk. The black risk is defined that during the discovery time the vulnerability is kept within a small group of people. These people could be the IT staff, the hackers that cause this to occur. On the other hand the disclosure time is when this close-knit group of people bring the vulnerability to light and inform the public. Also within the disclosure time, when making the information public it must be of free access, must be from a creditable and acceptable source. The Patch time is the last period that is when a fix or patch is released to correct the vulnerability. During the time between the disclosure and patch time is referred to as the Gray Risk. At this time the vulnerability is known to the public, but is waiting to hear and receive that a correction is available to correct the issue. Prior to a fix or patch a workaround could be available so that the day...
Words: 317 - Pages: 2
...1. What vulnerabilities exist for this workgroup LAN based on advisories? List 5
* Microsoft Security Advisory (MSVR13-009) Cisco Security Service File Verification Bypass Could Allow Elevation of Privilege. Published or Last Updated: Tuesday, June 18, 2013
* Microsoft Security Advisory (MSVR13-008) Cisco Security Service IPC Message Heap Corruption Could Allow Elevation of Privilege. Published or Last Updated: Tuesday, June 18, 2013
* Microsoft Security Advisory (MSVR13-007) Heap Corruption in Nitro Reader Could Allow Arbitrary Code Execution. Published or Last Updated: Tuesday, May 21, 2013
* Microsoft Security Advisory (MSVR13-006) Memory Corruption in Nitro Reader Could Allow Arbitrary Code Execution. Published or Last Updated: Tuesday, May 21, 2013
* Microsoft Security Advisory (MSVR13-005) Vulnerability in SumatraPDF Reader Could Allow Remote Code Execution. Published or Last Updated: Tuesday, April 16, 2013
1. Does any vulnerability involve privilege elevation? Is this considered high-priority issue? There are two most current vulnerability could allow elevation of privilege through Cisco security service File verification bypass and IPC message Heap corruption. This is considered a high level priority due to unauthorized access to higher domains which control high profile information that can compromise a company’s integrity financially and reputation which carries the risk of overall total loss of business.
2. Identify and document...
Words: 388 - Pages: 2
...Vulnerability Management Policy
Purpose
The purpose of this policy is to increase the security posture of IHS systems and mitigate threats posed by vulnerabilities within all IHS-owned or leased systems and applications.
Scope
This policy applies to all IHS employees, contractors, vendors and agents with access to any part of IHS networks and systems. This policy applies to remote access connections used to do work from a remote location, including reading or sending email and viewing intranet web resources.
Policy
1. Approved Scanning Tools
1.1 There are numerous tools that can provide insight into the vulnerabilities on a system. Not all scanning tools have the same set of features. The CSO shall be the sole entity to implement an enterprise...
Words: 1400 - Pages: 6
...Home Security Vulnerabilities Principles & Theory of Security Management Professor James Leiman DeVry University On-Line Antoinette Bowen 19 January 2014 Home Security Vulnerability With criminals being smart enough to wait and watch, even pay real close attention to their victims’ daily habits; “at every 15 seconds, a home in the United States is broken into, said Angela Mickalide, director of education and outreach for the National Home Safety Council.” (Herbet, 2014) It would seem that it’s hopeless for people to stay safe. That in order for people to feel safe they need to purchase state of the art equipment to secure their property. For those who may be considering the option to purchase a security system but really don’t have the funds for the monthly services should realize that there are several other methods of prevention. When observing our own environment it will appear to be safe, but how safe are we? Since people consider a very familiar area their comfort zone is when we tend to overlook the possibilities of being watched-to become a delinquent’s next victim. Let us look into our own backyards to assess the safety of our own homes. Being in a home that had been constructed in the 1920’s would seem fairly unsafe and susceptible to break-ins even becoming an easy target for offenders. Easy to kick doors in, break through windows, and bust locks due to a decaying foundation. Even as the dynamic of the changing neighborhood goes from home owners to being...
Words: 1106 - Pages: 5
...Performing a Vulnerability Assessment
Course Name and Number:
Student Name:
Student Number:
Instructor Name: Onook Oh
Submission Due by: 11:59PM on February 3rd, 2015
-------------------------------------------------
Overview
To complete the Lab Assignment for Chapter 3, students should first carefully read the “Introduction” information in the lab interface. And then, follow all “Steps” as described in the Lab interface. In this lab, you will use Nmap commands within Zenmap application to scan the virtual network and identify the devices on the network and the operating systems and services running on them. You also will use OpenVAS to conduct a vulnerability assessment and record the high risk vulnerabilities identified by the tool. Finally, you should use the information you gathered from the report to discover mitigations for those risks and make mitigation recommendations based on your findings
-------------------------------------------------
Learning Objective of the Lab Assignment
Upon completing this lab, you will be able to:
* Identify risks, threats, and vulnerabilities in an IP network infrastructure using Zenmap to perform an IP host, port, and services scan.
* Perform a vulnerability assessment scan on a targeted IP subnetwork using OpenVAS.
* Compare the results of the Zenmap scan with a OpenVAS vulnerability assessment scan.
* Assess the findings of the vulnerability assessment scan and identify critical vulnerabilities.
*...
Words: 559 - Pages: 3
...Calculate the Window of Vulnerability
The four parts would be the Discovery-Time, Exploit-Time, Disclosure-Time, and Patch-Time. All four of these must be looked at and evaluated.
Discovery Time – is the earliest date that a vulnerability is discovered and recognized to pose a security risk. The discovery date is not publicly known until the public disclosure of the respective vulnerability.
Exploit Time – is the earliest date an exploit for a vulnerability is available. We qualify any hacker-tool, virus, data, or sequence of commands that take advantage of a vulnerability as an exploit.
Disclosure Time – is the first date a vulnerability is described on a channel where the disclosed information on the vulnerability is (a) freely available to the public, (b) published by trusted and independent channel and (c) has undergone analysis by experts such that risk rating information is included.
Patch Time – is the earliest date the vendor or the originator of the software releases a fix, workaround, or a patch that provides protection against the exploitation of the vulnerability. Fixes and patches offered by third parties are not considered as a patch. A patch can be as simple as the instruction from the vendor for certain configuration changes. Note that the availability of other security mechanisms such as signatures for intrusion prevention systems or anti-virus tools are not considered as a patch in this analysis. Unfortunately, the availability of patches usually lags...
Words: 603 - Pages: 3
...To calculate the window of vulnerability (WOV) we will first need to know the amount of time it will take to get a working solution. In this case, we need a patch to solve the issue. We already know that it will take Microsoft 3 days to get a patch out to us. So, we can start with three days. After that, we need time to test the patch, and publish it out to the active directory update servers. This will usually take a few days according to the book. After it is all tested on the equipment, we need to push out the update to all of the client computers and servers. This will usually take a day or so. Also, depending on if the IT staff works on the weekends to solve the problem that will add another two days to fix the problem. So, to add it up, it takes three days to get the patch, up to five days to test the patch, and another day or two to publish the patch out to all of the client computers. All in total, this will take around a week to solve this issue. My personal opinion is any IT personnel that takes a WEEK to solve a major security breach should be fired. Personally, I would put immediate measures in place to solve the issue such as blocking the MAC address, immediately writing scripts and programs to detect intrusions in the hole, and block out the attacker. Taking more than a day or two for testing is major overkill for fixing a major hole. But, that is my...
Words: 273 - Pages: 2
...Unit 2 Assignment 1
Greg Diamond
Without having to spell out in great detail what should take place should a Security Breach take place on an SMB server, I will instead focus on the assignment and the information they are asking for. Should a breach happen in an SMB server as indicated by data collected by the server software manager the previous day. It is inherent that, those individuals or groups (PVG), put in place to work those tools that were set up for them when the situation came about, i.e., patch management tools, remediation tools, etc... Careful analysis as a result of the breach needs to be reported (as was the case in the assignment) to the software manufacturer, who indicated that it would take 3 days to have a patch available for deployment. The LAN administrator however, needs at least one week to download and test the patch in a test environment to determine the effectiveness of the patch. Once completed, he will deploy the patch to associated SMB Server as well as others that may be in use. With that stated, it should take 10 days to test and install the patch based on 3 days for the software manufacturer to create the patch, 7 days to test the patch and then deploy to server. There should be metrics set up in the Security documents of an Organization that will clearly define a more accurate assessment of when a patch will come on line to counter a...
Words: 252 - Pages: 2