Securing Your Network Fethi Amara – Email: famara@gulfcomputers.com Vulnerability Assessment: Steps to a More Secure Network
Gulf Computers Professional Services • Provider of multivendor, data network consulting services • Reference list in the region includes: • Standard Chartered Bank (Dubai) • Emirates Airlines / DNATA Group of Companies (Dubai) • Sharjah Municipality (Sharjah) • Town Planning Department (Abu Dhabi) • Civil Defense (Abu Dhabi) • GEC Marconi (Abu Dhabi) • Ericsson (Oman) • Sultan Qaboos University (Oman) • Oman Refinery Company (Oman) • Occidental (Dubai and Qatar) • QAFCO (Qatar) • Abdul Latif Jameel (Saudi Arabia) • etc.
The Twenty Most Critical Internet Security Vulnerabilities • The SANS Institute www.sans.org (SysAdmin, Audit, Network, Security) • The NIPC www.nipc.gov (National Infrastructure Protection Center) • The FBI www.fbi.gov
Top 10 Vulnerabilities to Windows Systems • Internet Information Services (IIS) • Microsoft Data Access Components (MDAC) -- Remote Data Services • Microsoft SQL Server • NETBIOS -- Unprotected Windows Networking Shares • Anonymous Logon -- Null Sessions • LAN Manager Authentication -- Weak LM Hashing • General Windows Authentication -- Accounts with No Passwords or Weak Passwords • Internet Explorer • Remote Registry Access • Windows Scripting Host
Top 10 Vulnerabilities to Unix Systems • Remote Procedure Calls (RPC) • Apache Web Server • Secure Shell (SSH) • Simple Network Management Protocol (SNMP) • File Transfer Protocol (FTP) • R-Services -- Trust Relationships • Line Printer Daemon (LPD) • Sendmail • BIND/DNS • General Unix Authentication -- Accounts with No Passwords or Weak Passwords
The 7 Top Management Errors that Lead to Computer Security Vulnerabilities • Number Seven: Pretend the problem will go away if they ignore it. • Number Six: Authorize reactive, short-term fixes so problems re-emerge rapidly. • Number Five: Fail to realize how much money their information and organizational reputations are worth. • Number Four: Rely primarily on a firewall.
The 7 Top Management Errors that Lead to Computer Security Vulnerabilities • Number Three: Fail to deal with the operational aspects of security: make a few fixes and then not allow the follow-through necessary to ensure the problems stay fixed. • Number Two: Fail to understand the relationship of information security to the business problem -- they understand physical security but do not see the consequences of poor information security. • Number One: Assign untrained people to maintain security and provide neither the training nor the time to make it possible to do the job.
Number of Vulnerabilities and incidents reported (According to www.cert.org) • Incidents reported in 2000-2003 • Vulnerabilities reported in 2000-2003
The Virus Problem: major catastrophes • 45 million e-mail users worldwide affected by LoveBug (Computer Economics, May 2000) • LoveBug cost companies an estimated US$10 billion • Dell stopped production for five days due to FunLove • 32,000 copies of Melissa hit one company in 45 minutes • No one is safe • Microsoft, FBI, Houses of Parliament, Barclays, BT • Lost productivity, but also loss of reputation
Vulnerability Scanning Definition • Testing for areas that allow unauthorized access to networks, systems, and applications • From outside enterprise • From internal sources
Vulnerability Sources • Networks • Firewalls • Devices, e.g., routers, switches • Systems • Servers • Operating system services • Applications • Configuration problems • Design flaws
Why Conduct Vulnerability Scans? • Obvious • Find vulnerabilities • Not so obvious • Test intrusion detection • Test incident response • Test managed security provider • IDS is no substitute • Speed of attack problem, HoneyNet Project • Limited scope
Vulnerability Targets • Permissible systems • All access points including • Wireless • Dial-up • VPNs
Vulnerability Scan Steps • Multiple scanners for different targets • Firewalls • Web servers • Wireless network • Lotus Notes • Novell Netware • Many more • Attack signature database • Must be updatable • Identifies potential vulnerabilities • False positives expected
Scanner Characteristics • Specialization - specific target • Number of tests - multiple targets • Reporting • Fix information • False positives • Other features, e.g., client/server
Open Source vs. Commercial Scanners • Pros (Open Source): Free, Frequent updates, More vulnerabilities, Can be customized • Pros (Commercial): Easy to install/operate, Enhanced report generation, Fully supported • Cons (Open Source): Limited support, Lots of false positives, Linux expertise needed • Cons (Commercial): Cost can be high, Cost of support • Examples (Open Source): Nessus, Sara • Examples (Commercial): Cybercop, ISS
How Long Does it Take? • It depends • Number of subnets • Number of hosts • Blocks in place • UDP • Firewalls play dead mode • Thoroughness
Conducting the Scan • Arrange time for scan • Delay start to avoid scapegoating • Special scan for potential trouble systems • Be available 24x7
Data Analysis • Challenges • Lots of false positives • Meaningful data not always easy to identify • Know your audience • Severity classification • Department focus • Reporting results • Common Vulnerability and Exposures (CVE)
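A sketch of the data-analysis step above, added here as an example and not part of the original slides: it merges results from several scanners per (host, CVE), keeps the highest severity, and groups the output by department. The findings, CVE identifiers, scanner names and owner mapping are constructed, and treating a finding seen by only one scanner as a false-positive candidate is an assumption of this example.

```python
from collections import defaultdict

# Constructed sample findings (not real scan output):
# (scanner, host, CVE id, severity label assigned by that scanner)
FINDINGS = [
    ("scanner_a", "10.0.1.5", "CVE-0000-0001", "high"),
    ("scanner_b", "10.0.1.5", "CVE-0000-0001", "critical"),
    ("scanner_a", "10.0.1.5", "CVE-0000-0002", "low"),
    ("scanner_b", "10.0.2.9", "CVE-0000-0003", "medium"),
    ("scanner_a", "10.0.2.9", "CVE-0000-0003", "medium"),
    ("scanner_a", "10.0.3.7", "CVE-0000-0004", "high"),
]
# Hypothetical host-to-department mapping for the department-focused report.
OWNERS = {"10.0.1.5": "Web Team", "10.0.2.9": "Database Team"}
RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}


def triage(findings, owners):
    """Merge per-scanner results into one record per (host, CVE), by department."""
    merged = {}
    for scanner, host, cve, sev in findings:
        rec = merged.setdefault((host, cve), {"scanners": set(), "severity": "low"})
        rec["scanners"].add(scanner)
        # Keep the highest severity any scanner assigned.
        if RANK[sev] > RANK[rec["severity"]]:
            rec["severity"] = sev
    report = defaultdict(list)
    for (host, cve), rec in merged.items():
        # Hosts with no known owner land in UNASSIGNED for follow-up.
        report[owners.get(host, "UNASSIGNED")].append({
            "host": host, "cve": cve, "severity": rec["severity"],
            # Seen by a single scanner only: verify manually before reporting.
            "verify": len(rec["scanners"]) == 1,
        })
    for items in report.values():
        items.sort(key=lambda f: (-RANK[f["severity"]], f["host"], f["cve"]))
    return dict(report)


if __name__ == "__main__":
    for dept, items in sorted(triage(FINDINGS, OWNERS).items()):
        print(dept)
        for f in items:
            flag = "  [verify: single scanner]" if f["verify"] else ""
            print(f"  {f['severity']:<8} {f['host']:<10} {f['cve']}{flag}")
```
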
Hidden Benefits • Study how security is implemented • Find unknown hosts • Learn about change control process • Good basis for a security policy if one doesn't exist • Policy enforcement
The Bottom Line • Scan for vulnerabilities in networks, systems & applications • Choose the right target and matching scanner(s) • Conduct scan in defined timeframe • Sift data for relevancy
Gulf Computers Professional Security Services • Evaluation • Penetration testing, assessment, audit, vulnerability analysis • Strategic • Incident response, programs, policies, training • Technical • PKI, VPNs, Firewalls, IDS, AAA integration, PDIO