Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: network Vulnerability

  1. #1
    Senior Member
    Join Date
    Dec 2003
    Posts
    137

    network Vulnerability

    What are the methods to check for vulnerabilities in a network and if they are found what steps to be taken immediately.
    Life is a shipwreck but we must not forget to sing in the lifeboats. ~Voltaire

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401

    Re: network Vulnerability

    Originally posted here by saintakaagni
    What are the methods to check for vulnerabilities in a network and if they are found what steps to be taken immediately.
    First off all you'll need to know what you're dealing with. You'll need to know what protocols are being used and the kinds of services that are offered on that network. Once you know that you can look at the known vulnerabilities of that protocol/service. If there are known issues you can think about securing them. Perhaps installing a certain patch or, if patching is not an option, there maybe workarounds.

    There are programs that you can use that automate this process. These are know as vulnerability scanners. Nessus is a good example. Programs like that can give you a list of found vulnerabilities.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    there a lot of step maybe you can visit this site www.nessus.org they can help you with your network vulnerability.... hope it help a little bit...

  4. #4
    Senior Member
    Join Date
    Sep 2003
    Posts
    500
    I agree with Sgear. Nessus is great (if you are running linux) it will pretty much hack at your system with whatever you tell it to and then it will give you the results and ways to fix them.

    If you are running XP, you could always use Microsoft's Baseline Analyzer

    https://s.microsoft.com/technet/tree...s/mbsahome.asp

    or a pay scanner like Saint

    http://www.saintcorporation.com/prod...nt_engine.html

    and of course there are a plethora of internet scanners out there, for example:

    https://testzone.secunia.com/online_...ility_scanner/

    http://www.broadbandreports.com/tools
    You shall no longer take things at second or third hand,
    nor look through the eyes of the dead...You shall listen to all
    sides and filter them for your self.
    -Walt Whitman-

  5. #5
    The first step in finding vulnerabilities in a network would be to interview every system owner in your organization and find out as much about applications and processes as you can. This will help you to understand what devices are doing and why. Ask as many open ended questions about the applications as you can. You will learn a lot during this process.

    Once you are done with your interviewing and assessment, check and document each network device, clients, servers, routers, switches, etc. Get a copy of visio and begin to map out the network and it's relationship to the outside world. Document the patche levels of each server. Research the status of firewall/router software and find out if there are any known vulnerabilities in the running versions.

    Find and document all voice and data circuits. Document these circuits in Visio and show any relatioinship to the data network.

    At this point is when you can download or use some of the tools listed in some of the above post to check for extraneous services. Without the data you have gathered through asking questions, you will second guess those services that you find running on devices, attempt to stop those services you deem to be extraneous, and ruin the day's production and have to explain to your boss why you took the production/planning system down in the middle of the day.

    Once you are done with this process, you have not only learned a lot about your infrastructure, you will have the knowledge you need to safely recognize extraneous services, and also identify vulnerabilities since now you know how things relate to one another.

    This process is sooo valuable in learning your infrastucture from top to bottom and will help you to make very good decisions from a security standpoint.

    Good Luck.
    - Boyam


  6. #6
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    Just to add to the growing links of tools that scan your network for vulnerabilities, I like Langurad.

    www.gfi.com/languard
    =

  7. #7
    Junior Member
    Join Date
    Jan 2004
    Posts
    14
    The only way to truly test your network is to do the following:

    1) Map out your network. This means you need to see if you can access the different computers on your network. Use one computer from the inside of your network and then map out the network, perhaps using tools such as ping and Nmap. Then, perform the same thing from the outside of your network. Use the same tools (ping and Nmap) and include other firewall bypassing tools such as Firewalk (available here: http://www.packetfactory.net/firewalk/) to further test out your network's response to these basic scanning attempts.

    2) Now that you've located the computers on the network, you can start to perform more indepth scans of the individual computers. Using port scanners (such as Nmap, available here: http://www.insecure.org/nmap/) and Network Security Scanners (such as LANguard, Microsoft Baseline Scanner OR perhaps Nessus, although it depends on the OS you're running), continue to find holes in your system.

    3) Once you have identified the individual holes in your system, go online and search for exploits for these holes. Test them out and what kind of results you get.

    4) Lastly, plug up all the known holes in your network and then restart the process to see if you successfully secured your network.

    Hope this helps!

    Happy BHH (Black Hat Hunting) and Happy WHH (White Hat Hacking)

  8. #8
    Senior Member
    Join Date
    Dec 2003
    Posts
    137
    is attacking your network and checking it is a good way or not
    Life is a shipwreck but we must not forget to sing in the lifeboats. ~Voltaire

  9. #9
    Sure, attacking your network is a good way to assess your vulnerabilities. I think the question to ask yourself is, do you know enough about the different types of vulnerabilities and the tools needed to find the holes to be able to make an accurate assessment, if the answer is no, find a company that will do it for you. They will find things you wouldn't think to look for.
    - Boyam


  10. #10
    Junior Member
    Join Date
    Jan 2004
    Posts
    14
    I would say that the only good way of testing your network for security vulnerabilities is to do it yourself. Perform everything manually with the same tools that crackers and script kiddies use and you'll have a good bit of knowledge on what your up against.

    Hope this helps!

    Happy BHH (Black Hat Hunting) and Happy WHH (White Hat Hacking)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •