Lab 8 - Network Security - security scanner
Pre-assignment: "A
security scanner is a software which will audit
remotely a given network and determine whether bad guys (aka 'crackers') may
break into it, or misuse it in some way.
Unlike many other security scanners, Nessus does
not take anything for granted. That is, it will not consider that a given
service is running on a fixed port - that is, if you run your web server on
port 1234, Nessus will detect it and test its
security. It will not make its security tests regarding the version number of
the remote services, but will really attempt to exploit the
vulnerability."
Assignment:
- PART 1: Use Nessus to scan for vulnerabilities of computers
- Download and install a
copy of the Nessus client: http://www.nessus.org/download.html
(either Nessus 3.0 for Unix/Linux client; or NessusWX for a Windows client)
- Run Nessus and explore the different options.
- I have already
installed the Nessus server on x.x.x.x (given during workshop) and created accounts
for all of you. I will e-mail you your login ID and password for Nessus (NOTE: this is not a user account for the
computer).
- I have created the
accounts to allow you to ONLY scan vulnerabilities on two computers. DO
NOT set up your own Nessus server and run it on
your network without the permission of your network administrator.
- Run the client program
(the first time it will request permission to create a database; accept
that)
- Communication |
Connect
- enter
x.x.x.x for the name of the server
- use
the default value of 1241 for the port number
- use
the default value of TLSv1 for the encryption method (it will create a
certificate; Save it)
- enter
the login name and password provided for you
- New Session
- Enter
the IP addresses (one at a time) above for the Target
- Leave
the default values of "safe check" and "optimize the
test" for the Options
- Leave
the default "privileged ports" and be sure that "ping the
remote host" and "tcp connect
scan" are checked
- Press the Enter key to
execute the session (be sure the "Enable session saving" is
checked
- This
will bring up a display showing the scans for the three computers
- When
all three scans are complete, close the display. This will bring up a
Session Results display
- Save
the report to a text file.
- PART 2:
Use NeWT to scan for vulnerabilities of
computers
- Download and install a
copy of the Nessus client: (http://www.tenablesecurity.com/products/newt.shtml) for Windows
- As Administrator,
install NeWT (will require a reboot to be
active as a service)
- Install the Plugin Update Activation Code (found in the textfile)
- Start NeWT from the “Desktop” or “Start” menu.
- Choose a “New Scan
Task”
- Scan 127.0.0.1 and other
approved computers in the lab only.
Post-assignment: e-mail the
following:
1)
Submit the report that you saved above.
2)
Submit answers to the following questions based on the
reports you generated.
a) Which
host had the highest number of vulnerabilities?
b) Least
number of vulnerabilities?
c) What
operating systems are running on the computers?
d) What
web server (if any) is running on each computer?
e) List
several services running on each computer?
f)
Identify one high severity
vulnerability for each computer (if there is one). Describe the
vulnerability and discuss control(s) to minimize the risk from the
vulnerability.
3)
Answer the following questions:
o
Describe several uses of Nessus.
o
Which feature of Nessus
did you find the most useful and why?
o
Which feature of Nessus
did you find the most difficult to use and why?