-
January 12th, 2004, 12:52 PM
#1
Senior Member
network Vulnerability
What are the methods to check for vulnerabilities in a network and if they are found what steps to be taken immediately.
Life is a shipwreck but we must not forget to sing in the lifeboats. ~Voltaire
-
January 12th, 2004, 01:05 PM
#2
Re: network Vulnerability
Originally posted here by saintakaagni
What are the methods to check for vulnerabilities in a network and if they are found what steps to be taken immediately.
First off all you'll need to know what you're dealing with. You'll need to know what protocols are being used and the kinds of services that are offered on that network. Once you know that you can look at the known vulnerabilities of that protocol/service. If there are known issues you can think about securing them. Perhaps installing a certain patch or, if patching is not an option, there maybe workarounds.
There are programs that you can use that automate this process. These are know as vulnerability scanners. Nessus is a good example. Programs like that can give you a list of found vulnerabilities.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
January 12th, 2004, 01:28 PM
#3
there a lot of step maybe you can visit this site www.nessus.org they can help you with your network vulnerability.... hope it help a little bit...
-
January 13th, 2004, 03:28 AM
#4
I agree with Sgear. Nessus is great (if you are running linux) it will pretty much hack at your system with whatever you tell it to and then it will give you the results and ways to fix them.
If you are running XP, you could always use Microsoft's Baseline Analyzer
https://s.microsoft.com/technet/tree...s/mbsahome.asp
or a pay scanner like Saint
http://www.saintcorporation.com/prod...nt_engine.html
and of course there are a plethora of internet scanners out there, for example:
https://testzone.secunia.com/online_...ility_scanner/
http://www.broadbandreports.com/tools
You shall no longer take things at second or third hand,
nor look through the eyes of the dead...You shall listen to all
sides and filter them for your self.
-Walt Whitman-
-
January 13th, 2004, 05:28 AM
#5
Member
The first step in finding vulnerabilities in a network would be to interview every system owner in your organization and find out as much about applications and processes as you can. This will help you to understand what devices are doing and why. Ask as many open ended questions about the applications as you can. You will learn a lot during this process.
Once you are done with your interviewing and assessment, check and document each network device, clients, servers, routers, switches, etc. Get a copy of visio and begin to map out the network and it's relationship to the outside world. Document the patche levels of each server. Research the status of firewall/router software and find out if there are any known vulnerabilities in the running versions.
Find and document all voice and data circuits. Document these circuits in Visio and show any relatioinship to the data network.
At this point is when you can download or use some of the tools listed in some of the above post to check for extraneous services. Without the data you have gathered through asking questions, you will second guess those services that you find running on devices, attempt to stop those services you deem to be extraneous, and ruin the day's production and have to explain to your boss why you took the production/planning system down in the middle of the day.
Once you are done with this process, you have not only learned a lot about your infrastructure, you will have the knowledge you need to safely recognize extraneous services, and also identify vulnerabilities since now you know how things relate to one another.
This process is sooo valuable in learning your infrastucture from top to bottom and will help you to make very good decisions from a security standpoint.
Good Luck.
- Boyam
-
January 13th, 2004, 06:05 AM
#6
Just to add to the growing links of tools that scan your network for vulnerabilities, I like Langurad.
www.gfi.com/languard
-
January 13th, 2004, 03:58 PM
#7
Junior Member
The only way to truly test your network is to do the following:
1) Map out your network. This means you need to see if you can access the different computers on your network. Use one computer from the inside of your network and then map out the network, perhaps using tools such as ping and Nmap. Then, perform the same thing from the outside of your network. Use the same tools (ping and Nmap) and include other firewall bypassing tools such as Firewalk (available here: http://www.packetfactory.net/firewalk/) to further test out your network's response to these basic scanning attempts.
2) Now that you've located the computers on the network, you can start to perform more indepth scans of the individual computers. Using port scanners (such as Nmap, available here: http://www.insecure.org/nmap/) and Network Security Scanners (such as LANguard, Microsoft Baseline Scanner OR perhaps Nessus, although it depends on the OS you're running), continue to find holes in your system.
3) Once you have identified the individual holes in your system, go online and search for exploits for these holes. Test them out and what kind of results you get.
4) Lastly, plug up all the known holes in your network and then restart the process to see if you successfully secured your network.
Hope this helps!
Happy BHH (Black Hat Hunting) and Happy WHH (White Hat Hacking)
-
January 13th, 2004, 06:13 PM
#8
Senior Member
is attacking your network and checking it is a good way or not
Life is a shipwreck but we must not forget to sing in the lifeboats. ~Voltaire
-
January 13th, 2004, 08:06 PM
#9
Member
Sure, attacking your network is a good way to assess your vulnerabilities. I think the question to ask yourself is, do you know enough about the different types of vulnerabilities and the tools needed to find the holes to be able to make an accurate assessment, if the answer is no, find a company that will do it for you. They will find things you wouldn't think to look for.
- Boyam
-
January 13th, 2004, 09:43 PM
#10
Junior Member
I would say that the only good way of testing your network for security vulnerabilities is to do it yourself. Perform everything manually with the same tools that crackers and script kiddies use and you'll have a good bit of knowledge on what your up against.
Hope this helps!
Happy BHH (Black Hat Hunting) and Happy WHH (White Hat Hacking)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|