Pre-assignment: "A security scanner is a software which will audit remotely a given network and determine whether bad guys (aka 'crackers') may break into it, or misuse it in some way.
Unlike many other security scanners, Nessus does not take anything for granted. That is, it will not consider that a given service is running on a fixed port - that is, if you run your web server on port 1234, Nessus will detect it and test its security. It will not make its security tests regarding the version number of the remote services, but will really attempt to exploit the vulnerability."

1. Download and install a copy of the Nessus client: http://www.nessus.org/download.html (either Nessus 2.0 for Unix/Linux client; or NessusWX for a Windows client
   
2. Run Nessus and explore the different options.

Assignment:

• PART 1: Use Nessus to scan for vulnerabilities of three computers
  • I have already installed the Nessus server on jaring.ColumbusState.edu and created accounts for all of you. I will e-mail you your login ID and password for Nessus (NOTE: this is not a user account for the computer).
  • I have created the accounts to allow you to ONLY scan vulnerabilities on three computers (168.26.223.114, 168.26.193.209, and 168.26.193.210). All three of these hosts are at CSU. This means that your scans will not leave the CSU domain and will not be seen by Peachnet as hacker attacks. DO NOT set up your own Nessus server and run it on your network without the permission of your network administrator.
  • Run the client program (the first time it will request permission to create a database; accept that)
  • Communication | Connect
    1. enter jaring.ColumbusState.edu for the name of the server
    2. use the default value of 1241 for the port number
    3. use the default value of TLSv1 for the encryption method (it will create a certificate; Save it)
    4. enter the login name and password provided for you
  • New Session
    1. Enter the three IP addresses (one at a time) above for the Target
    2. Leave the default values of "safe check" and "optimize the test" for the Options
    3. Leave the default "privileged ports" and be sure that "ping the remote host" and "tcp connect scan" are checked
  • Press the Enter key to execute the session (be sure the "Enable session saving" is checked
  • This will bring up a display showing the scans for the three computers
  • When all three scans are complete, close the display. This will bring up a Session Results display
  • Save the report to a text file.

Post-assignment: SUBMIT TO DROP-BOX in eCollege.

1. Submit the report that you saved above.
2. Submit answers to the following questions based on the reports you generated.
1. Which host had the higest number of vulnerabilites? least number of vulnerabilities?
2. What operating systems are running on the three computers?
3. What web server (if any) is running on each computer?
4. Which computer is mine?
5. List several services running on each computer?
6. Identify one high severity vulnerability for each computer (if there is one). Describe the vulnerability and discuss control(s) to minimize the risk from the vulnerability.
3. Answer the following questions:
• Describe several uses of Nessus.
• Which feature of Nessus did you find the most useful and why?
• Which feature of Nessus did you find the most difficult to use and why?

Discussion Questions

1. (DUE April 16, 2003 by midnight EST) Select one of the following questions to discuss in detail through the threaded discussion.
   • Identify the most probable threats to a personal computing system in an office with fewer than ten employees. That is, identify the vulnerabilities tthat are most likely to be exploited. Estimate the number of times each vulnerability is exploited per year; justify your estimate.
   • Identify the most probable threats to a personal computing system located in a university computer lab. That is, identify the vulnerabilities tthat are most likely to be exploited. Estimate the number of times each vulnerability is exploited per year; justify your estimate.
   • Identify the most probable threats to a personal computing system in a public library. That is, identify the vulnerabilities tthat are most likely to be exploited. Estimate the number of times each vulnerability is exploited per year; justify your estimate.
   • List factors that should be considered when developing a security plan.
   • Investigate your university's or employer's security plan to determine whether its security requirements meet all the conditions listed inthis chapter. List any that do not. When was the plan written? When was it last reviewed and updated? Who wrote the policy? Who enforces the policy? Who does it cover? What resources does it cover?
2. (DUE April 21, 2003 by midnight EST) Select a discussion from one or more of your classmates and respond to their comments.

Webliography Assignment
(DUE April 21, 2003 by midnight EST) Submit to the class Webliography 5 annotated links related to administering security. These will be added to our Information Assurance E-library (http://csc.ColumbusState.edu/summers/e-library/security.html) You will receive 1 point if just a new link; 1 point if annotation for one of my links; or 2 points if a new annotated link.