VULNERABALITY ASSESSMENT ON THE COMPUTER NETWORK SECURITY



Similar documents
A Study of Technology in Firewall System

Universiti Teknologi MARA. Vulnerability Analysis on the Nenvork Security by Using Nessus

AN OVERVIEW OF VULNERABILITY SCANNERS

Installing and Configuring Nessus by Nitesh Dhanjani

Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology

Why Leaks Matter. Leak Detection and Mitigation as a Critical Element of Network Assurance. A publication of Lumeta Corporation

How to build a security assessment program. Dan Boucaut

NETWORK PENETRATION TESTING

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities

Need for Database Security. Whitepaper

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

Information and Communication Technology. Patch Management Policy

An Introduction to Network Vulnerability Testing

8 Steps for Network Security Protection

Vulnerability Audit: Why a Vulnerability Scan Isn t Enough. White Paper

Hacking Book 1: Attack Phases. Chapter 1: Introduction to Ethical Hacking

8 Steps For Network Security Protection

Nessus and Antivirus. January 31, 2014 (Revision 4)

How To Perform An External Security Vulnerability Assessment Of An External Computer System

Maruleng Local Municipality

Cisco Advanced Services for Network Security

Web App Security Audit Services

TABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY

Guide to Vulnerability Management for Small Companies

Concierge SIEM Reporting Overview

Network and Host-based Vulnerability Assessment

Patch Management Policy

Medical Device Security Health Group Digital Output

Nessus Agents. October 2015

System Specification. Author: CMU Team

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details

THE TOP 4 CONTROLS.

Identification of File Integrity Requirement through Severity Analysis

How To Test A Control System With A Network Security Tool Like Nesus

Everything You Wanted to Know about DISA STIGs but were Afraid to Ask

Don t skip these expert tips for making your firewall airtight, bulletproof and fail-safe. 10 Tips to Make Sure Your Firewall is Really Secure

The Self-Hack Audit Stephen James Payoff

Vulnerability analysis

TECHNICAL VULNERABILITY & PATCH MANAGEMENT

Cisco IPS Tuning Overview

Intrusion Detection Systems. Darren R. Davis Student Computing Labs

Cautela Labs Cloud Agile. Secured.

Running head: USING NESSUS AND NMAP TOOLS 1

How To Manage A System Vulnerability Management Program

Nessus. A short review of the Nessus computer network vulnerability analysing tool. Authors: Henrik Andersson Johannes Gumbel Martin Andersson

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

SANS Top 20 Critical Controls for Effective Cyber Defense

Part Banker. Part Geek. All Security & Compliance.

SCP - Strategic Infrastructure Security

Footprinting and Reconnaissance Tools

Penetration Testing. NTS330 Unit 1 Penetration V1.0. February 20, Juan Ortega. Juan Ortega, juaorteg@uat.edu. 1 Juan Ortega, juaorteg@uat.

1 Scope of Assessment

Security Maintenance Practices. IT 4823 Information Security Administration. Patches, Fixes, and Revisions. Hardening Operating Systems

inside: THEME ISSUE: SECURITY edited by Rik Farrow THE MAGAZINE OF USENIX & SAGE November 2000 volume 25 number 7

IDS and Penetration Testing Lab II

How To Audit The Mint'S Information Technology

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

12 Security Camera System Best Practices - Cyber Safe

State of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD Effective Date: April 7, 2005

60467 Project 1. Net Vulnerabilities scans and attacks. Chun Li

IDS and Penetration Testing Lab ISA656 (Attacker)

THREAT VISIBILITY & VULNERABILITY ASSESSMENT

MWR InfoSecurity Security Advisory. Symantec s Altiris Deployment Solution File Transfer Race Condition. 7 th January 2010

CMPT 471 Networking II

NETWORK PENETRATION TESTS FOR EHR MANAGEMENT SOLUTIONS PROVIDER

IT Compliance Volume II

A Database Security Management White Paper: Securing the Information Business Relies On. November 2004

WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

Windows Operating Systems. Basic Security

Introduction to SquareTrade Security Services

Web Security. Discovering, Analyzing and Mitigating Web Security Threats

IBM Managed Security Services Vulnerability Scanning:

HP Security Assessment Services

Introduction to Nessus by Harry Anderson last updated October 28, 2003

The Ten Most Important Steps You Can Take to Protect Your Windows-based Servers from Hackers

Critical Controls for Cyber Security.

CRYPTOGEDDON: HEALTH CARE COMPROMISE. Todd Dow, CISA, PMP Founder,

Appalachian Regional Commission Evaluation Report. Table of Contents. Results of Evaluation Areas for Improvement... 2

Security Testing: Step by Step System Audit with Rational Tools. First Presented for:

WHITE PAPER. An Introduction to Network- Vulnerability Testing

Vulnerability Assessment

Project Proposal Active Honeypot Systems By William Kilgore University of Advancing Technology. Project Proposal 1

Threat Management: Incident Handling. Incident Response Plan

Vulnerability assessment tools

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp

Vulnerability Scanning & Management

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

Vulnerability Assessment Lab

Penetration Testing Report Client: Business Solutions June 15 th 2015

Vulnerability Scanning and Patch Management

24/7 Visibility into Advanced Malware on Networks and Endpoints

Security Issues with Integrated Smart Buildings

Security Considerations White Paper for Cisco Smart Storage 1

WHITEPAPER. Nessus Exploit Integration

Keywords Vulnerability Scanner, Vulnerability assessment, computer security, host security, network security, detecting security flaws, port scanning.

Management (CSM) Capability

GFI White Paper PCI-DSS compliance and GFI Software products

McAfee SECURE Technical White Paper

Transcription:

VULNERABALITY ASSESSMENT ON THE COMPUTER NETWORK SECURITY Firkhan Ali B. Hamid Ali, 1 Maziah Bt. Na man@na aman 1 Fakulti Teknologi Maklumat dan Multimedia, Kolej Universiti Teknologi Tun Hussein Onn, Beg Berkunci 101, 86400 Parit Raja, Johor Darul Takzim. Tel: 07-4538030, Fax: 07-4532199 E-mail: firkhan@kuittho.edu.my ABSTRACT Nowadays, miscellaneous towards computer network can always be read through newspaper and be seen or hear via electronic media. This problem is happen because of lack of effort on computer network security system. Even the network security system or application is good, but vulnerability towards the computer network has to be implied regularly. So, vulnerability assessment is important to be done in the computer network. Vulnerability assessment had done towards computer network at Computer Networking Lab, Fakulti Teknologi Maklumat dan Multimedia (FTMM), Kolej Universiti Teknologi Tun Hussein Onn (KUiTTHO). Security Life Cycle Methodology was used as a guideline to execute Vulnerability assessment by using software, Nessus which is based on client server model. The result of this vulnerability assessment is there's a lot of vulnerability exists inside the computer network nodes at FTMM Networking Technology Lab. The vulnerabilities that had found were such as open port, useless application, bugs in the operating system and others. Therefore, a few steps had been taken such as doing patching, update the application version and operating system that have been used, close the port that is not needed and others. When reevaluation had made, it can be minimize the amount of vulnerabilities inside the computer network. Keywords: attacks, computer network, exploits, network security, security, vulnerability, vulnerability-scanning. INTRODUCTION Malaysian organization has face very tough time including FTMM, KUiTTHO according to the issues, statistic and news of the computer network security that had provided by Malaysian Computer Emergency Response Team (MyCERT). MyCERT had claimed that most of the system or network administrators in Malaysia are not practice proactive action to secure the computer system before the attacks are exist and breach into one of the server or computer network. So, these things will make Information and Communication Technology (ICT) facilities become slowly the process or usable use. Then, it will be affected to the quality and quantity of productions and business strategy in the organizations. [1] Vulnerability Assessment is proactive action which mean tahat the process to show and report the existing vulnerabilities inside the computer network. It will provide scanning computer network to detect the existing vulnerabilities and suggest the action that should be take on it before it use by unresponsible person. It also provide the level of security for that vulnerabalities such as low, medium and high level. [2] So, the purpose of this study is to do vulnerability assessment inside the computer network system that will permit the possible exploits. Then, provide general useful tips and guidelines from the report to manage and minimize those weaknesses in the computer network system at FTMM, KUiTTHO. MATERIALS AND METHODS Open source vulnerability scanning tool, Nessus had used as a tool to detect and capture information about the vulnerabilities that exist inside the nodes of the computer network. Nessus is the client-server application. [3]

Security Life Cycle or SLC had used as a methodology to do the vulnerability assessment inside the computer lab. [4] The phases of this methodology can be view inside the figure 1 below. Figure 1 :Security Life Cycle (Lee, Wan Wai.(2001)). Security Life Cycle 1. DIY Assessment. SANS Institute 2001. In the first phase or assess s phase, vulnerabality scanning had done by using Nessus to determine the existing holes that have inside the computer networking lab. Assessment had done over 30 nodes inside the lab. Then, in second phase, the result of the vulnerabality that had in phase one will be analyse for desigining of proper configuration according to the standard of CVE or Common Vulnerabalities and Exposures. In this phase, planning to design the proper solution to overcome existing vulnerabilities had done. It s very important to understand in detail on each existing vulnerability for the designing the best solution. [5] The next phase is the process to deploy the solution that had be designed on the each vulnerability such as closed unneeded port, update the patch, deploy security fix and others. The last phase is very important to be sure all the configuration or solution that had be done can be done in functionally and it also can become problem identifier. In this phase, vulnerability scanning and assessment will be done severally to be sure the vulnerabalities are in the minimum level or none. RESULTS AND ANALYSIS The result from this vulnerability scanning task by using Nessus can be categorized into two types which it including the result of the vulnerability scanning on the phase 1 of SLC and the result of vulnerability scanning on the phase 4 of SLC. In the phase 1, the result of the vulnerability scanning can be view from the Figure 2 and Table 1. In this result, the vulnerability had categorized by its type of security such as security notes, security warning and security holes. [6] Security note is information about the open ports or available services that exist inside the hosts. Security warning is information about available open ports or services too but it can be vulnerable into possible attack. 2

1 2 3 4 5 6 7 8 9 10 11 12 Packet 1 2 3 4 5 6 7 8 9 10 11 12 S tatus gre en=enab led, l ink OK flashi ng g re en=di sab led, l ink OK off=lin k, fai l Status S UP E R S T A CK 3Com SD Security hole is information about open ports or available services that already vulnerable in the computer network system and available use by an attacker to launch an exploit. 1x 6x 7x 1 2x SuperStack II Baseline 10/100 Switch Figure 2: Reference nodes that available of vulnerability in the lab Table 1: the result of vulnerability on the phase 1 of SLC Lab Security holes Security warning Security notes Networking Technology 71 141 501 There is around 7774 of plug-ins that is very specific type of vulnerability that are located inside the Nessus application server to use for checking security hole or vulnerability. Then, all this plug-ins is classify into 33 types of family plug-in. From the Table 1, there were 71 of the security holes, 141 of the security warnings and 501 of the security notes that exist over the 30 hosts inside the networking technology lab in the phase 1 of SLC. The result in the phase 1 will be analyzed for doing the tasks in phase 2 and phase 3 of SLC in this vulnerability assessment study. In the phase 4, the result of the vulnerability scanning can be view from the Table 2.In this result, the vulnerability had also categorized by its type of security such as security notes, security warning and security holes. 3

Table 2: the result of vulnerability on the phase 4 of SLC Lab Security holes Security warning Security Notes Networking Technology 17 29 144 From the Table 2, there were 17 of the security holes, 29 of the security warnings and 144 of the security notes that exist over the 30 hosts inside the networking technology lab in the phase 4 of SLC. The result in the phase 4 will be analyzed for doing again all the phases in the SLC to minimize or remove all the vulnerabilities. It also shown the result in the phase 2 and 3, whether the solution that had be take in action is success or fail in this vulnerability assessment study. In the 30 available and alive hosts at the lab s computer network, there is possibly having open ports within the available services. So, Nessus application had scan all over that open ports and available services that exist on it. In the Nessus s report, security holes are referring to the weaknesses or possible exploits that are very important to analysis in this study. [7] From the result, this study had found that more than 80% of the security holes are categorize on the Windows's vulnerability and the others are categorized on Gain Root Remotely, CGI abuses and Miscellaneous by referring it to the types of family for Nessus plug-in. For example in the non-server application, software that run under the Window's environment like Internet Explorer, Macromedia Flash, Microsoft Visual Basic and others is full of lack in the security aspects because of bugs and viruses. So, the installation, configuration and maintenance for all the software that run under Window s environment must be doing properly with full of awareness on its security aspect like patching, configuration setting and others. [8] DISCUSSION At the end of this study, there are several of recommendations, practices and actions that are need to be revised for solving and minimize the problems of possible exploits or vulnerabilities from the Nessus report as soon as possible. There are two types of action that should be taken which it in technical overview and management overview. In the management overview, continuously actions that should be needed to consider are provide a proper, suitable and practice security policy in the organizations and provide education program to educate the staff on using IT facilities in wellness and secure. In the technical overview, continuously actions that should be needed to consider are (1) proper installing and configuration the applications or software, operating system and hardware base items like firewall, router and other that need to revise its patching, bug and security fix, (2) close all unneeded ports and services on every node or hosts in the computer network system, (3) keep regularly perform the practice of security audits and security assessments, (4) keep regularly update the patching, bug and security fix in any software, application, operating system and network components and (5) avoid the practices in default installation. All this actions are for the better practices of computer network security in the future. 4

CONCLUSION In this vulnerability assessment the number of vulnerabilities and the number of possible vulnerabilities had reduced more rather than before. However, the process of vulnerability assessment is needed more time and efforts to make it zero vulnerability. Then, the vulnerability assessment must have done regularly due to expanding of exploit, vulnerability or threat that is always changing and reform. All the most valuable information of this security holes or possible vulnerability regarding to the weaknesses in the computer network security in this study had produced by powerful of Nessus. The weaknesses or security holes are the same situation with the improperly lock or close the doors or windows in the house. So, that condition can be possibly compromise in the security aspect to allow unauthorized person to hack in that house. Within the lack of practices like that situation, it may invite the most dangerous of threats or attacks into the computer system. Today, computer network security is involves in very tough area that needs to meet any level of risks that are acceptable. But, the main key to practice effectively in the computer network security is it must meet the organization missions, goals, security policies and security practices at the preliminary action. [9] The lack of this study is the vulnerability assessment had done in certain selected vulnerability and possible vulnerability only in the lab because of the limitation time and effort. However, the contribution of this study is more valuable that can increase the level of sensitivity, awareness and knowledge regarding to the computer network security among the staffs at FTMM. Then, this study and network security assessment can be done to the overall computer network system at FTMM in the future in continuously within the proper practices. REFERENCES [1] Awas! Pencerobohan laman web besar-besaran, http://www.mycert.org.my/news/2004_01_28_01.html [30 May 2004] [2] Bauer, M. (2001). Paranoid Penguin: Checking Your Work with Scanners, Part I (of II): nmap Linux Journal. Volume 2001, Isu 85 (Mei 2001). [3] Bauer, M. (2001). Paranoid Penguin: Seven Top Security Tools Linux Journal. Volume 2004, Isu 118 (Februari 2004). [4] Lee, Wan Wai. Security Life Cycle 1. DIY Assessment. (Versi 1.0, November 13, 2001), SANS Institute 2001. [5] Blaha, K. D. and Murphy, L. C. (2001). Targeting assessment: how to hit the bull's eye Journal of Computing Sciences in Colleges. Volume 17, Isu 2 (Disember 2001). [6] Deraison, R., Haroon Meer, Temmingh, R., Walt, C., Raven Alder, Alderson, J., Johnston, A., Theall, G. A. (2004). Nessus Network Auditing. Syngress. [7] Bauer, M. (2001). Paranoid Penguin: Checking Your Work With Scanners, Part II: Nessus Linux Journal. Volume 2001, Isu 86 (Jun 2001). [8] Whitman, M. E. (2003). Enemy at the gate: threats to information security Communications of the ACM. Volume 46, Isu 8 (Ogos 2003). [9] Firkhan Ali, H. A., An Analysis of Possible Exploits in the Computer Network s Security in ISC 2005 : Proceedings of the International Science Congress 2005. PWTC, Kuala Lumpur, 2005. pp.338. 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information