network security fundamentals
play

Network Security Fundamentals Security Training Course Dr. Charles - PowerPoint PPT Presentation

May 07, 2023 •25 likes •235 views

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 8 Scanning Topics Scanning fundamentals Nessus installation & examination 04/13

  1. Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013

  2. Network Security Fundamentals Module 8 Scanning

  3. Topics • Scanning fundamentals • Nessus installation & examination 04/13 cja 2013 3

  4. Scanning Fundamentals

  5. Scanning • Purpose: Examine host(s) from the network  What ports are open  What services are running  What flaws exist in those services  What type of OS is running  What kind of filtering is in place 04/13 cja 2013 5

  6. Scanning • Modus operandi :  Phase 1: determine all hosts in specified range  Phase 2: interrogate open ports on each host identified in Phase 1 • Uses:  Attack tool  Reconnaissance  Defensive tool  Where are the security risks? 04/13 cja 2013 6

  7. Scanners • Commercial  eEye Retina  ISS  … • Open source  Nessus  Nmap  … 04/13 cja 2013 7

  8. Nessus Installation and Examination

  9. Nessus • Was open-source, GPL  … Nessus 3.0 closed-source  … Nessus 4.0 plugins not free • Client/server architecture  Server placed on host(s) in network  UNIX/Linux, AIX, Mac OS X  Client connects to server(s), runs test  Web client • Strong authentication  SSL 04/13 cja 2013 9

  10. Install Nessus • Download Nessus from http://www.tenable.com/products/nessus • Register scanner  Nessus no longer ships with any plugins  HomeFeed vs. ProfessionalFeed  http://www.nessus.org/register/ • Start the nessusd server • Browse to https://localhost.localdomain:8834 • Create nessusd account • Get the plugins  This will consume about twenty minutes • Nessus is pre-installed in the virtual lab environment 04/13 cja 2013 10

  11. Run Nessus • sudo nessusd start • Browse to https://localhost.localdomain:8834  Port opened after plugins have been processed • Understand certificate issues • Login to nessusd account • Add a policy: select plugins (checks to perform) • Add a scan: select targets (networks) • Start test! 04/13 cja 2013 11

  12. Nessus login 04/13 cja 2013 12

  13. Add a policy 04/13 cja 2013 13

  14. Settings 04/13 cja 2013 14

  15. Add a scan 04/13 cja 2013 15

  16. Launch a scan 04/13 cja 2013 16

  17. Running a scan 04/13 cja 2013 17

  18. Scan finished 04/13 cja 2013 18

  19. Examine results • Browse report • Three severity levels  Low - informational  Medium - possible vulnerability  High - verified vulnerability • Detail pane gives descriptions, suggested fixes, CVE numbers, references and links 04/13 cja 2013 19

  20. Scan results 04/13 cja 2013 20

  21. Additional Features • Filter  Select which vulnerabilities to show  Select by plugin, vulnerability text, host, port, protocol, severity 04/13 cja 2013 21

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 7 Intrusion Detection Topics Fundamentals Network IDS Snort Host-based IDS

1.03k views • 72 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 6 Firewalls & VPNs Topics Firewall Fundamentals Case study: Linux iptables

778 views • 46 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 3 Network Protocol Attacks Roadmap Network security The basic objectives: CIA

1.68k views • 39 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 9 Linux Security & Logging Linux Security Real-World Linux Security RHEL

739 views • 41 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 4 Password Strength & Cracking Roadmap Password Authentication How Passwords are

512 views • 32 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 5 Viruses & Worms, Botnets, Todays Threats Viruses & Worms Viruses Program

693 views • 31 slides
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control Fundamentals Objectives Define Access Controls List the four Access Control Models Describe logical Access Control Methods Explain the

128 views • 8 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Installing the Lab Environment Virtual Lab Environment Student-supplied hosts IA32-compatible The more CPU(s) and

261 views • 8 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Introduction Introduction Welcome to the course! Instructor: Dr. Charles J. Antonelli

209 views • 10 slides
What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Fundamentals of Computer Security Spring 2015 Radu Sion Intro Encryption Hash Functions A

Fundamentals of Computer Security Spring 2015 Radu Sion Intro Encryption Hash Functions A

Fundamentals of Computer Security Spring 2015 Radu Sion Intro Encryption Hash Functions A Message From Our Sponsors Computer Security Fundamentals Fundamentals System/Network Security, crypto How do things work Why How to

824 views • 26 slides
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used Describe the components of

569 views • 7 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
Layer Optimization: Security and Privacy CS 118 Computer Network Fundamentals Peter Reiher

Layer Optimization: Security and Privacy CS 118 Computer Network Fundamentals Peter Reiher

Layer Optimization: Security and Privacy CS 118 Computer Network Fundamentals Peter Reiher Lecture 18 CS 118 Page 1 Winter 2016 Another type of layer deficiency Some layers of protocol do not provide any security or privacy What if

708 views • 59 slides
Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J. Antonelli The University of Michigan 2012 Hands-On Network Security Module 6 Firewalls & VPNs Topics Firewall Fundamentals Case

881 views • 51 slides
Fundamentals of Cryptography: Algorithms, and Security Services Professor Guevara Noubir

Fundamentals of Cryptography: Algorithms, and Security Services Professor Guevara Noubir

Fundamentals of Cryptography: Algorithms, and Security Services Professor Guevara Noubir Northeastern University noubir@ccs.neu.edu Network Security: Private Communication in a Public World [Chap. 2-8] Charles Kaufman, Mike Speciner, Radia

697 views • 59 slides
vcsh manage config files in $HOME via fake bare git repositories Richard Hartmann, RichiH@ {

vcsh manage config files in $HOME via fake bare git repositories Richard Hartmann, RichiH@ {

Intro Technical details Using vcsh Outlook Outro vcsh manage config files in $HOME via fake bare git repositories Richard Hartmann, RichiH@ { freenode,OFTC,IRCnet } , richih.mailinglist@gmail.com 2012-02-04 Richard Hartmann, RichiH@ {

582 views • 20 slides
OPS: Optimized Shuffle Management System for Apache Spark Yuchen Cheng * , Chunghsuan Wu * ,

OPS: Optimized Shuffle Management System for Apache Spark Yuchen Cheng * , Chunghsuan Wu * ,

OPS: Optimized Shuffle Management System for Apache Spark Yuchen Cheng * , Chunghsuan Wu * , Yanqiang Liu * , Rui Ren * , Hong Xu , Bin Yang , Zhengwei Qi * * Shanghai Jiao Tong University City University of Hong Kong Intel

217 views • 19 slides
Thames Valley Berkshire LEP Careers Hub Launch 10 July 2019 Sarah Gray Network Operations

Thames Valley Berkshire LEP Careers Hub Launch 10 July 2019 Sarah Gray Network Operations

Thames Valley Berkshire LEP Careers Hub Launch 10 July 2019 Sarah Gray Network Operations Manager Careers and Enterprise Company tvb-enterpriseadvisernetwork.co.uk The role of the CEC digital tools Career Hubs WAVE 2 SEPT 2019

821 views • 42 slides
T a lking a b o ut o pe ra tio ns - I t s wha t we do T ra c e y Bra mb le Na tio na l

T a lking a b o ut o pe ra tio ns - I t s wha t we do T ra c e y Bra mb le Na tio na l

T a lking a b o ut o pe ra tio ns - I t s wha t we do T ra c e y Bra mb le Na tio na l Ope ra tio ns Ce nte r o f E xc e lle nc e I o wa DOT Ma y 8, 2018 2 Co mmunic a tio ns: Wha t, whe n, whe re , why a nd to who m Wha t is

674 views • 30 slides
Vulnerability management with OpenVAS Henri Doreau henri.doreau@greenbone.net 12 th LSM -

Vulnerability management with OpenVAS Henri Doreau henri.doreau@greenbone.net 12 th LSM -

Vulnerability management with OpenVAS Henri Doreau henri.doreau@greenbone.net 12 th LSM - Strasbourg 2011 OpenVAS Vulnerability management Project news Conclusion Outline OpenVAS 1 Introduction Architecture Vulnerability management 2

691 views • 29 slides
Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher

Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher

Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Lecture 19 Page 1 CS 236 Online Putting It All Together Weve talked a lot about security principles And about security problems And

209 views • 17 slides
Overview System Security Scanning Security Scanning and Discovery Important Security Web

Overview System Security Scanning Security Scanning and Discovery Important Security Web

Overview System Security Scanning Security Scanning and Discovery Important Security Web Sites Fingerprinting OS FingerPrinting IP Stacks Share Scans Chapter 14 SNMP Vulnerabilities FingerPrinting TCP/IP Services

439 views • 8 slides
15 Networking and Package Management CS 2043: Unix Tools and Scripting, Spring 2019 [1]

15 Networking and Package Management CS 2043: Unix Tools and Scripting, Spring 2019 [1]

15 Networking and Package Management CS 2043: Unix Tools and Scripting, Spring 2019 [1] Matthew Milano February 27, 2019 Cornell University 1 Table of Contents 1. welcome back to THE INTERNET 2. Package Management 3. System Specific

688 views • 41 slides

More recommend