Vulnerability Assessment

After target discovery and enumeration, the next step is identifying critical security vulnerabilities in the target systems. Vulnerability assessment depends on the type and OS of the target. Vulnerability assessment can be performed at the network, host, or application levels.

At the end of this document, you will be asked to complete the third part of the project. Therefore, even though it is not required, it is highly recommended that you test the steps as you read the document.

A. Open Vulnerability Assessment (OpenVAS)

The Open Vulnerability Assessment System (OpenVAS) is a collection of several services and tools offering a comprehensive vulnerability scanning and vulnerability management platform. OpenVAS is a client-server application. In a network, a server is typically dedicated to hosting OpenVAS. Users connect to the OpenVAS server to perform vulnerability assessments of targets. Configuring OpenVAS is a lengthy process (see the instructions at http://www.backtrack-linux.org/wiki/index.php/openvas). The CVCLAB includes a preconfigured OpenVAS server. This document demonstrates how to perform a vulnerability assessment using this OpenVAS server.

This activity will be performed in your Windows 7 virtual machine. During the activity, you will connect to an OpenVAS server using a client called Greenbone Security Desktop.

Connecting to the OpenVAS server

Start Greenbone Security Desktop (a link is available on the Desktop). Use the following information:

Server: 192.168.1.254
Port: 9390
Username: ptest
Password: toor

After connecting to the OpenVAS center, the following window will appear. First, we will add a target, then add a scanning task, and finally execute the task and analyze the results. Running a task can take some time, so please be patient.

Adding a Target

Let us now add a target to scan. Click the Targets tab (in the bottom windows) and then click the create button to add the host 10.0.0.4 as shown below. Use your first name initial and last name in parentheses so that your scan will not interfere with others. In addition, your instructor will check the OpenVAS tasks and history to determine whether you have completed this step or not.

After adding the target host, it should appear in the Targets window as shown below.

Adding Tasks

In OpenVAS, a task means a

Click the Tasks tab (in the bottom windows) and then click the create button to add a task as shown in the figure below. Name your task as your first name initial and last name. Select the target that you have created in the previous step. In this particular case, we will perform a Full and fast scan.

Click Create to add the task. If the task does not appear in the Tasks tab, click the refresh button. Your task should appear as a new task as shown below.

Running Tasks

The task can be started by clicking the start button. Note that a task may run for several hours depending on the scan configuration selected, the network bandwidth, and the resources of the OpenVAS server. A Full and fast scan should be completed in about 10 minutes in the CVCLAB.

A best practice is to create a schedule and assign the schedule to the task. For example, a task can be run every Friday night, and the results can be analyzed the following morning.

After starting the task, its status changes to Requested. After this point, you may close the client (Don't do this!) and re-login periodically to check its status. The status of the task can be updated by clicking the refresh button.

Running Tasks

When the task is completed, its status changes to Done as shown in the following picture. The Dashboard displays a summary of the scan. Clearly, the host 10.0.0.4 has several high Threats that need to be addressed (the target has not been updated in the last three years!).
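
The add-target, add-task and start-task steps above, written as the OpenVAS Management Protocol (OMP) XML commands that a client exchanges with the manager on port 9390. This is an added example, not part of the original handout or of the Greenbone client's code; it builds and parses the messages without opening a connection. The task owner "J Doe", the resource ids, the config id placeholder and the sample replies are all constructed.

```python
import xml.etree.ElementTree as ET

def _xml(tag, children=(), **attrs):
    """Build one OMP command; ElementTree escapes names such as 'A & B'."""
    root = ET.Element(tag, attrs)
    for child_tag, text, child_attrs in children:
        ET.SubElement(root, child_tag, child_attrs).text = text
    return ET.tostring(root, encoding="unicode")

def create_target(name, hosts):
    return _xml("create_target", [("name", name, {}), ("hosts", hosts, {})])

def create_task(name, config_id, target_id):
    return _xml("create_task", [("name", name, {}),
                                ("config", None, {"id": config_id}),
                                ("target", None, {"id": target_id})])

def start_task(task_id):
    return _xml("start_task", task_id=task_id)

def created_id(response):
    """Return the new resource id; raise if the manager did not answer 2xx."""
    root = ET.fromstring(response)
    if not root.get("status", "").startswith("2"):
        raise RuntimeError(f"{root.tag}: {root.get('status')} {root.get('status_text')}")
    return root.get("id")

def task_status(response, task_id):
    """Pull one task's status (Requested, Running, Done, ...) from get_tasks."""
    for task in ET.fromstring(response).iter("task"):
        if task.get("id") == task_id:
            return task.findtext("status")
    return None

# Constructed sample replies; ids are placeholders, not values from the CVCLAB.
TARGET_OK = '<create_target_response status="201" status_text="OK, resource created" id="target-0001"/>'
TASK_OK = '<create_task_response status="201" status_text="OK, resource created" id="task-0001"/>'
TASKS = ('<get_tasks_response status="200" status_text="OK">'
         '<task id="task-0001"><name>J Doe</name><status>Done</status></task>'
         '</get_tasks_response>')
FAIL = '<create_target_response status="400" status_text="Target exists already"/>'

def walk_through(config_id="FULL-AND-FAST-CONFIG-ID"):  # placeholder, from <get_configs/>
    """Return the requests for the add-target/add-task/start steps and the final status."""
    target_id = created_id(TARGET_OK)
    task_id = created_id(TASK_OK)
    return [create_target("10.0.0.4 (J Doe)", "10.0.0.4"),
            create_task("J Doe", config_id, target_id),
            start_task(task_id)], task_status(TASKS, task_id)
```

Checking the status attribute of every reply matters here: a create_target that fails because the name is already taken returns no id, and a task created without a valid target id would never scan the intended host.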

The details of the vulnerability report can be accessed by clicking on the details button. After maximizing the report window, all reports related to the task appear in the Report tab.

The details of a report can be accessed by double-clicking on the report. For example, OpenVAS recommends disabling the discard service on the host 10.0.0.4.

Vulnerability assessment is a continuous process. Network security administrators should frequently assess the vulnerability of their systems. Client-server vulnerability assessment tools simplify this process. In this activity, you have used OpenVAS. Nessus, a proprietary comprehensive vulnerability scanning program, is the most popular vulnerability scanner used in the industry today. OpenVAS and Nessus share many common features as Nessus was created based on OpenVAS.

All vulnerability scanners have a database of vulnerability tests, which are created and released by the vendors. The OpenVAS server in the CVCLAB performs over 25,000 tests in total. Therefore, a comprehensive vulnerability analysis may take several hours or days.

Penetration Testing Assignment-Part 3

In the previous activities, you should have discovered the host 10.0.0.5. Perform a vulnerability assessment of this host. In your report, include several recommendations to harden this host. Make sure to name your Task as 10.0.0.5 (Initial Last Name) so that your instructor can see your report.