vulnerability scanners assignment –3 report
TRANSCRIPT
![Page 1: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/1.jpg)
Vulnerability ScannersVulnerability Scanners
Assignment Assignment –– 3 Report 3 Report
CS/IT 463, CS 589 CS/IT 463, CS 589
David BurtonDavid Burton
MayuriMayuri ShakamuriShakamuri
![Page 2: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/2.jpg)
ScannersScanners
�� NessusNessus
By Tenable Network SecurityBy Tenable Network Security
�� SARA SARA -- Security Auditor's Research Assistant Security Auditor's Research Assistant
by Advanced Research Corporationby Advanced Research Corporation
�� NSat NSat -- Network Security Analysis ToolNetwork Security Analysis Tool
by by SourceforgeSourceforge
�� XscanXscan
by by SecurityFocusSecurityFocus
�� XprobeXprobe
by by SourceforgeSourceforge
![Page 3: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/3.jpg)
FeaturesFeatures
�� Nessus and SARANessus and SARA�� Support Critical Vulnerability Exposures (CVE)Support Critical Vulnerability Exposures (CVE)
�� Integrate with National Vulnerability DatabaseIntegrate with National Vulnerability Database
�� Common Vulnerability Scoring Systems (CVSS)Common Vulnerability Scoring Systems (CVSS)
�� Indicates severity level (Low to High)Indicates severity level (Low to High)
�� NsatNsat, XScan, Xprobe, XScan, Xprobe�� No CVE number supportNo CVE number support
�� Indicate CVSS severity (Low to High)Indicate CVSS severity (Low to High)
![Page 4: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/4.jpg)
Scanner Results Scanner Results -- VulnerabilitiesVulnerabilities
�� Nessus (CVE)Nessus (CVE)
�� 9 IP addresses9 IP addresses
�� SARA (CVE)SARA (CVE)
�� 105 IP addresses105 IP addresses
�� NsatNsat
�� 11 IP addresses11 IP addresses
�� XScanXScan
�� 14 IP addresses14 IP addresses
�� XprobeXprobe
�� 38 IP addresses38 IP addresses
![Page 5: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/5.jpg)
Report consolidationReport consolidation
�� Majority VotingMajority Voting
�� No common vulnerabilities found that had CVENo common vulnerabilities found that had CVE
�� Needed different consolidation methodNeeded different consolidation method
�� Frequency MethodFrequency Method
�� Most frequently found vulnerabilities from each Most frequently found vulnerabilities from each
scanner resultsscanner results
�� Critical Vulnerability PerspectiveCritical Vulnerability Perspective
�� Based on the severity rate reported by the scannersBased on the severity rate reported by the scanners
![Page 6: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/6.jpg)
Differences Between Two Methods Differences Between Two Methods
�� Frequency MethodFrequency Method
�� Some of the most frequently found vulnerabilities did Some of the most frequently found vulnerabilities did
not have high risk factornot have high risk factor
�� Gave general consensus on vulnerabilities for the Gave general consensus on vulnerabilities for the
subnetsubnet
�� May not be the best consolidation methodMay not be the best consolidation method
�� Critical Vulnerabilities PerspectiveCritical Vulnerabilities Perspective
�� Highlighted most critical vulnerabilitiesHighlighted most critical vulnerabilities
![Page 7: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/7.jpg)
MetasploitMetasploit
![Page 8: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/8.jpg)
MetasploitMetasploit
![Page 9: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/9.jpg)
MetasploitMetasploit
![Page 10: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/10.jpg)
MetasploitMetasploit
![Page 11: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/11.jpg)
MetasploitMetasploit
![Page 12: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/12.jpg)
MetasploitMetasploit
![Page 13: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/13.jpg)
ChallengesChallenges
� Compliance with NIST and industry standards
� Choosing unique identifier like a CVE number
� Manual analysis of results is impractical
� Analysis techniques
� Hard to be decisive of critical nature of vulnerabilities and threats
![Page 14: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/14.jpg)
ConclusionsConclusions
�� Unique vulnerability identifiers play an important Unique vulnerability identifiers play an important
rolerole
�� CVE can be used as primary key for automation CVE can be used as primary key for automation
processprocess
�� Choosing right report consolidation methods can Choosing right report consolidation methods can
be crucialbe crucial
�� Automating the process is more realistic than Automating the process is more realistic than
manual analysismanual analysis
![Page 15: Vulnerability Scanners Assignment –3 Report](https://reader031.vdocuments.site/reader031/viewer/2022012423/6177718ab20505308e5e33bb/html5/thumbnails/15.jpg)
QuestionsQuestions
??????