Gulf Computers Presentation Vulnerability Assessment: Steps to a More Secure Network Securing Your...


Page 1: Gulf Computers Presentation Vulnerability Assessment: Steps to a More Secure Network Securing Your Network Fethi Amara – Email: famara@gulfcomputers.com.

Gulf Computers Presentation

Vulnerability Assessment: Steps to a More Secure Network

Securing Your Network

Fethi Amara – Email: famara@gulfcomputers.com


04/10/23 © Gulf Computers L.L.C.

www.gulfcomputers.com

Gulf Computers

Professional Services Provider of multivendor, data network consulting services

Reference list in the region includes:

Standard Chartered Bank (Dubai)

Emirates Airlines / DNATA Group of Companies (Dubai)

Sharjah Municipality (Sharjah)

Town Planning Department (Abu Dhabi)

Civil Defense (Abu Dhabi)

GEC Marconi (Abu Dhabi)

Ericsson (Oman)

Sultan Qaboos University (Oman)

Oman Refinery Company (Oman)

Occidental (Dubai and Qatar)

QAFCO (Qatar)

Abdul Latif Jameel (Saudi Arabia)

etc.


The Twenty Most Critical Internet Security Vulnerabilities

The SANS Institute www.sans.org (SysAdmin, Audit, Network, Security)

The NIPC www.nipc.gov (National Infrastructure Protection Center)

The FBI www.fbi.gov


Top 10 Vulnerabilities to Windows Systems

Internet Information Services (IIS)
Microsoft Data Access Components (MDAC) -- Remote Data Services
Microsoft SQL Server
NETBIOS -- Unprotected Windows Networking Shares
Anonymous Logon -- Null Sessions
LAN Manager Authentication -- Weak LM Hashing
General Windows Authentication -- Accounts with No Passwords or Weak Passwords
Internet Explorer
Remote Registry Access
Windows Scripting Host


Top 10 Vulnerabilities to Unix Systems

Remote Procedure Calls (RPC)
Apache Web Server
Secure Shell (SSH)
Simple Network Management Protocol (SNMP)
File Transfer Protocol (FTP)
R-Services -- Trust Relationships
Line Printer Daemon (LPD)
Sendmail
BIND/DNS
General Unix Authentication -- Accounts with No Passwords or Weak Passwords


The 7 Top Management Errors that Lead to Computer Security Vulnerabilities

Number Seven: Pretend the problem will go away if they ignore it.

Number Six: Authorize reactive, short-term fixes so problems re-emerge rapidly.

Number Five: Fail to realize how much money their information and organizational reputations are worth.

Number Four: Rely primarily on a firewall.


The 7 Top Management Errors that Lead to Computer Security Vulnerabilities

Number Three: Fail to deal with the operational aspects of security: make a few fixes and then not allow the follow through necessary to ensure the problems stay fixed.

Number Two: Fail to understand the relationship of information security to the business problem -- they understand physical security but do not see the consequences of poor information security.

Number One: Assign untrained people to maintain security and provide neither the training nor the time to make it possible to do the job.


Number of Vulnerabilities and incidents reported (According to www.cert.org)

Incidents reported in 2000-2003

Year        2000     2001     2002     1Q-2Q 2003
Incidents   21,756   52,658   82,094   76,404

Vulnerabilities reported in 2000-2003

Year              2000    2001    2002    1Q-2Q 2003
Vulnerabilities   1,090   2,437   4,129   1,993


The Virus Problem: major catastrophes

45 million e-mail users worldwide affected by LoveBug (Computer Economics, May 2000)
LoveBug cost companies an estimated US$10 billion
Dell stopped production for five days due to FunLove
32,000 copies of Melissa hit one company in 45 minutes
No one is safe
– Microsoft, FBI, Houses of Parliament, Barclays, BT
Lost productivity, but also loss of reputation


The LoveBug world spread

First 24 hours


Vulnerability Scanning Definition

Testing for areas that allow unauthorized access to networks, systems, and applications
– From outside enterprise
– From internal sources


Frequency and Damage of Security Threats/Attacks


Vulnerability Sources

Networks
– Firewalls
– Devices, e.g., routers, switches

Systems
– Servers
– Operating system services

Applications
– Configuration problems
– Design flaws


Why Conduct Vulnerability Scans?

Obvious
– Find vulnerabilities

Not so obvious
– Test intrusion detection
– Test incident response
– Test managed security provider

IDS is no substitute
– Speed of attack problem, HoneyNet Project
– Limited scope


Vulnerability Targets

Permissible systems

All access points including
– Wireless
– Dial-up
– VPNs


Vulnerability Scan Steps

Multiple scanners for different targets
– Firewalls
– Web servers
– Wireless network
– Lotus Notes
– Novell Netware
– Many more

Attack signature database
– Must be updatable

Identifies potential vulnerabilities
– False positives expected


Scanner Characteristics

Specialization - specific target

Number of tests - multiple targets

Reporting

Fix information

False positives

Other features, e.g., client/server


Open Source vs. Commercial Scanners

Open Source
– Pros: Free; Frequent updates; More vulnerabilities; Can be customized
– Cons: Limited support; Lots of false positives; Linux expertise needed
– Examples: Nessus, Sara

Commercial
– Pros: Easy to install/operate; Enhanced report generation; Fully supported
– Cons: Cost can be high; Cost of support
– Examples: Cybercop, ISS


How Long Does it Take?

It depends
– Number of subnets
– Number of hosts
– Blocks in place
    – UDP
    – Firewalls play dead mode
– Thoroughness


Conducting the Scan

Arrange time for scan
– Delay start to avoid scapegoating

Special scan for potential trouble systems

Be available 24x7


Data Analysis

Challenges
– Lots of false positives
– Meaningful data not always easy to identify

Know your audience
– Severity classification
– Department focus

Reporting results
– Common Vulnerabilities and Exposures (CVE)


Report Styles


Hidden Benefits

Study how security is implemented

Find unknown hosts

Learn about change control process

Good basis for a security policy if one doesn't exist

Policy enforcement


The Bottom Line

Scan for vulnerabilities in networks, systems & applications

Choose the right target and matching scanner(s)

Conduct scan in defined timeframe

Sift data for relevancy


Gulf Computers Professional Security Services

Evaluation
– Penetration testing, assessment, audit, vulnerability analysis

Strategic
– Incident response, programs, policies, training

Technical
– PKI, VPNs, Firewalls, IDS, AAA integration, PDIO


Question and Answer