
Vulnerability Scanning at NU


  1. Vulnerability Scanning at NU
     Robert Vance, NUIT-Telecom & Network Services

  2. Outline
     • Scanning Review
     • Tool Discussion
     • The NU Scanning Service
     • Scanning Limitations
     • Futures

  3. Quick Scanning Overview
     • What is scanning?
       • System Reconnaissance
       • Achieved via Observable Protocol and Application Characteristics
       • Port Scanning vs Vulnerability Scanning
     • Why is it done?
       • good: Detect and protect exposed systems
       • bad: No faster way to spread malware

  4. The Tools
     • Port Scanners
       • nmap http://www.insecure.org/nmap
     • Vulnerability Scanners
       • Nessus http://www.nessus.org
       • NeWT http://www.tenablesecurity.com/
       • Retina http://www.eeye.com/
       • ISS http://www.iss.net

  5. The Idea
     • The fundamental idea behind vulnerability scanning is to identify and then fix system weaknesses before miscreants use those weaknesses against us.

  6. Vulnerability Scanning Service
     • Handpicked Nessus Plugins
     • Loop through the NU Address Space
     • Import failed Scan Results into NUSA or NetPass
     • and Repeat

  7. Scanning Limitations
     • Firewalls
     • Other Visibility Limitations
     • False Positives
     • Scanning only gets you so far...

  8. Possible Futures
     • On Demand Scanning
     • Host Based Agents
     • Stateful Firewalls Everywhere
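
An added sketch of the result-handling step from slides 6 and 7 (not code from the presentation or from NU's service): it reads a scan report, keeps only hits from a handpicked plugin set, and separates failed hosts from addresses that returned nothing at all, which the visibility limitations on slide 7 mean cannot be counted as passes. It assumes the report is in Nessus v2 XML format; the plugin IDs, address range, sample report and the `triage` function are constructed for illustration, and the NUSA/NetPass import itself is not described on the page and is left out.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed values: plugin IDs, address range and report are illustrative only.
HANDPICKED_PLUGINS = {"90001", "90002"}
ADDRESS_SPACE = ipaddress.ip_network("192.0.2.0/29")

SAMPLE_REPORT = """<NessusClientData_v2><Report name="constructed">
<ReportHost name="192.0.2.1">
  <ReportItem port="445" protocol="tcp" severity="3" pluginID="90001" pluginName="Example missing patch"/>
  <ReportItem port="0" protocol="tcp" severity="0" pluginID="90050" pluginName="Example info"/>
</ReportHost>
<ReportHost name="192.0.2.2">
  <ReportItem port="22" protocol="tcp" severity="0" pluginID="90050" pluginName="Example info"/>
</ReportHost>
<ReportHost name="192.0.2.3">
  <ReportItem port="80" protocol="tcp" severity="2" pluginID="90077" pluginName="Not in handpicked set"/>
</ReportHost>
</Report></NessusClientData_v2>"""


def triage(report_xml, network=ADDRESS_SPACE, plugins=HANDPICKED_PLUGINS):
    """Classify every address in `network` as failed, passed or unseen."""
    findings = {}  # address -> sorted list of (pluginID, port) hits
    seen = set()
    for host in ET.fromstring(report_xml).iter("ReportHost"):
        try:
            addr = ipaddress.ip_address(host.get("name", ""))
        except ValueError:
            continue  # hostname-only entries are skipped in this sketch
        if addr not in network:
            continue
        seen.add(addr)
        hits = sorted((i.get("pluginID"), i.get("port")) for i in host.iter("ReportItem")
                      if i.get("pluginID") in plugins and int(i.get("severity", "0")) > 0)
        if hits:
            findings[addr] = hits
    failed = {str(a): h for a, h in findings.items()}
    passed = sorted(str(a) for a in seen - set(findings))
    # No ReportHost at all: firewalled, offline or otherwise invisible. Not a pass.
    unseen = sorted(str(a) for a in network.hosts() if a not in seen)
    return {"failed": failed, "passed": passed, "unseen": unseen}


if __name__ == "__main__":
    result = triage(SAMPLE_REPORT)
    print("queue for NUSA/NetPass import:", result["failed"])
    print("passed:", result["passed"], "unseen:", result["unseen"])
```

Hits in the failed set still need a false-positive check before any enforcement action, as slide 7 notes.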
