vulnerability scanners assignment –3 report
TRANSCRIPT
Vulnerability ScannersVulnerability Scanners
Assignment Assignment –– 3 Report 3 Report
CS/IT 463, CS 589 CS/IT 463, CS 589
David BurtonDavid Burton
MayuriMayuri ShakamuriShakamuri
ScannersScanners
�� NessusNessus
By Tenable Network SecurityBy Tenable Network Security
�� SARA SARA -- Security Auditor's Research Assistant Security Auditor's Research Assistant
by Advanced Research Corporationby Advanced Research Corporation
�� NSat NSat -- Network Security Analysis ToolNetwork Security Analysis Tool
by by SourceforgeSourceforge
�� XscanXscan
by by SecurityFocusSecurityFocus
�� XprobeXprobe
by by SourceforgeSourceforge
FeaturesFeatures
�� Nessus and SARANessus and SARA�� Support Critical Vulnerability Exposures (CVE)Support Critical Vulnerability Exposures (CVE)
�� Integrate with National Vulnerability DatabaseIntegrate with National Vulnerability Database
�� Common Vulnerability Scoring Systems (CVSS)Common Vulnerability Scoring Systems (CVSS)
�� Indicates severity level (Low to High)Indicates severity level (Low to High)
�� NsatNsat, XScan, Xprobe, XScan, Xprobe�� No CVE number supportNo CVE number support
�� Indicate CVSS severity (Low to High)Indicate CVSS severity (Low to High)
Scanner Results Scanner Results -- VulnerabilitiesVulnerabilities
�� Nessus (CVE)Nessus (CVE)
�� 9 IP addresses9 IP addresses
�� SARA (CVE)SARA (CVE)
�� 105 IP addresses105 IP addresses
�� NsatNsat
�� 11 IP addresses11 IP addresses
�� XScanXScan
�� 14 IP addresses14 IP addresses
�� XprobeXprobe
�� 38 IP addresses38 IP addresses
Report consolidationReport consolidation
�� Majority VotingMajority Voting
�� No common vulnerabilities found that had CVENo common vulnerabilities found that had CVE
�� Needed different consolidation methodNeeded different consolidation method
�� Frequency MethodFrequency Method
�� Most frequently found vulnerabilities from each Most frequently found vulnerabilities from each
scanner resultsscanner results
�� Critical Vulnerability PerspectiveCritical Vulnerability Perspective
�� Based on the severity rate reported by the scannersBased on the severity rate reported by the scanners
Differences Between Two Methods Differences Between Two Methods
�� Frequency MethodFrequency Method
�� Some of the most frequently found vulnerabilities did Some of the most frequently found vulnerabilities did
not have high risk factornot have high risk factor
�� Gave general consensus on vulnerabilities for the Gave general consensus on vulnerabilities for the
subnetsubnet
�� May not be the best consolidation methodMay not be the best consolidation method
�� Critical Vulnerabilities PerspectiveCritical Vulnerabilities Perspective
�� Highlighted most critical vulnerabilitiesHighlighted most critical vulnerabilities
MetasploitMetasploit
MetasploitMetasploit
MetasploitMetasploit
MetasploitMetasploit
MetasploitMetasploit
MetasploitMetasploit
ChallengesChallenges
� Compliance with NIST and industry standards
� Choosing unique identifier like a CVE number
� Manual analysis of results is impractical
� Analysis techniques
� Hard to be decisive of critical nature of vulnerabilities and threats
ConclusionsConclusions
�� Unique vulnerability identifiers play an important Unique vulnerability identifiers play an important
rolerole
�� CVE can be used as primary key for automation CVE can be used as primary key for automation
processprocess
�� Choosing right report consolidation methods can Choosing right report consolidation methods can
be crucialbe crucial
�� Automating the process is more realistic than Automating the process is more realistic than
manual analysismanual analysis
QuestionsQuestions
??????