09 m7 vulnerability


Upload: trung-luu

Post on 27-Sep-2015


Compaq Security Solutions

Vulnerability Assessment

Module 7

Objectives

After completing this module, you will be able to:

Explain how vulnerability assessment technology works.

List the criteria you should use to evaluate vulnerability assessment products.

List the considerations for implementing vulnerability assessment.

Explain the role of vulnerability assessment in a security policy and list Compaq's recommendations.

Introduction

Human error is one of the most challenging areas in information risk management. Vulnerabilities created through human error arise unpredictably and can easily be exploited, causing grave harm to an enterprise.

To be considered secure, operating systems must be properly configured. Because of the complexity of the network administration task, it is likely that exploitable errors exist in every network. Risk management accepts that likelihood and demands implementation of a proactive means of managing the resulting risk. Tools are needed to detect improperly configured computers before errors can be identified and exploited by a potentially malicious individual.

When properly configured, Microsoft Windows NT is secure against many forms of attack. Unfortunately, an "out-of-the-box" computer system is not properly configured for use in an operational environment. A system administrator must configure the system before operational use. Periodic system administration is also required.

Even well-trained and experienced system administrators can easily make errors that effectively cancel the security of the system.

Of special concern are those computers directly connected to public networks such as the Internet. Both firewalls and web servers are vulnerable to administrative error because they run as applications on computers controlled by standard operating systems. With firewalls, not only does the operating system have to be properly configured, but also the firewall application itself. As the guardian of the network, a firewall is an exceptionally attractive target to hackers. Therefore, exploitable errors in a firewall's configuration present especially grave risks to the network it protects.

Vulnerability Assessment Technology

[Figure: network diagram showing the Internet, a firewall, a vulnerability assessment server, and four clients]

It is relatively easy to compile a list of known vulnerabilities associated with a specific operating system. It is possible for a system administrator to manually interrogate an operating system, just as a hacker would, to identify potential vulnerabilities. However, the job is tedious, prone to error, and time consuming.

The security industry has developed automated tools to support identification of potential vulnerabilities. Known as vulnerability assessment tools, these tools interrogate an operating system for known vulnerabilities and provide reporting features.

Automated vulnerability assessment tools interrogate the configuration of computer operating systems based on the network address. Specialized vulnerability assessment tools are also available to assess web server and firewall configuration vulnerabilities. These tools can be configured to automatically assess all or some of the nodes in a network on a daily, weekly, or other basis.

When identified, system configuration errors can be easily corrected. The reports of the tool also provide an excellent means of tracking recurring errors that might point to either poor practices or the need for additional training.

Types of Vulnerability Assessment Technology

The two basic types of vulnerability assessment technology are:

Host resident: Vulnerability assessment is performed by an application running on a specific computer and only that computer is assessed.

Network-based: Vulnerability assessment is performed by an application running on a server within a local area network (LAN). Designated computers, indicated by the IP address, are assessed on a schedule determined by the administrator.

Evaluating Vulnerability Assessment Tools

Vulnerability assessment products are applications running under the control of the operating system (either Microsoft NT or SCO UNIX). When selecting a vulnerability assessment tool, evaluate the following criteria:

Graphical user interface (GUI): A GUI should be provided for system configuration and reporting.

Ability to repair vulnerabilities: A feature should be provided to automatically repair some system vulnerabilities.

Robustness: The product should test for the widest possible suite of vulnerabilities. All vulnerabilities associated with common attack scenarios should be contained in the suite.

Reporting: The product should provide reporting through the interface and also plain text reporting that can be electronically mailed or printed. Consolidated reporting of vulnerabilities found throughout the network should be supported.

Secure installation: The product should be supported with installation and configuration instructions to ensure that the application is securely installed.

Integrity: The product should provide an automatic integrity feature to ensure that the application cannot be modified or infected with malicious code.

Ease of update: The vulnerability assessment capability should be easily updated. Ideally, software updates should be automatically downloaded. Software updates should not require reconfiguration of the system.

Alert options: When a significant vulnerability is detected, the system should be capable of issuing an alert in several ways, including automatic reporting through the GUI, electronic mail, and paging.

Scheduling: A scheduling feature should be provided to support the off-hours assessment of specific network nodes.

Operational Considerations

Assessment tools can create a significant network load, particularly if a large number of nodes are being assessed. The tools automatically test all the IP ports, issuing several hundred tests for each node. This level of testing can effectively create a denial-of-service situation. It is important to schedule testing when the node is not otherwise in heavy use. Consider the following:

When is the network and specific node subject to peak usage? Scheduling should avoid periods of peak usage.

Has the node been reconfigured since it was last assessed? One of the primary reasons for vulnerability assessment is to recognize and correct vulnerabilities created through administrative error. If the node has not been administered since the last assessment, there should be no new vulnerabilities.

What is the assessment history? Some network nodes are more efficiently administrated than others, depending on the experience and professionalism of the administrator. It might be determined that some nodes have rarely been found to have vulnerabilities, and testing of those nodes can be minimized.

Role of Vulnerability Assessment in a Security Policy

Compaq recommends the following policies:

Use vulnerability assessment tools to interrogate any new computer's operating system before the computer is connected to the network. This is particularly critical for firewalls, web servers, and shared systems.

Interrogate firewalls and web server operating systems for vulnerabilities at least weekly and anytime the configuration is changed.

For essentially stable environments with certified, experienced system administrators or those environments that have not experienced hacker problems, interrogate shared computers on a weekly basis. Because hackers are particularly active on weekends, Friday afternoon is an excellent time to perform this function.

For environments that are highly sensitive, growing rapidly, or known targets for hackers, interrogate all shared computers at the end of each business day.

For extremely sensitive environments, environments with recognized system administration problems, or environments being harassed by hackers, interrogate the entire network daily until the attacks cease or the vulnerability reports are clear for at least a week.
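The scheduling questions under Operational Considerations and the assessment frequencies recommended above can be combined into one decision routine. The following Python example is added here and is not part of the Compaq module; the Node record, its field names, the environment labels, and the sample inventory (documentation-range addresses) are assumptions made for illustration, as is applying the configuration-change trigger to every node rather than only to firewalls and web servers.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

WEEKLY, DAILY = timedelta(days=7), timedelta(days=1)  # intervals named in the policy

@dataclass
class Node:  # hypothetical inventory record, not a real tool's schema
    ip: str
    role: str          # "firewall", "web" or "shared"
    environment: str   # "stable", "sensitive" or "under_attack"
    last_assessed: Optional[datetime]       # None = new, never assessed
    last_config_change: Optional[datetime]
    peak_hours: range  # hours of heavy use on this node

def interval_for(node):
    if node.environment == "under_attack":
        return DAILY   # entire network daily
    if node.role == "shared" and node.environment == "sensitive":
        return DAILY   # shared computers at the end of each business day
    return WEEKLY      # firewalls, web servers, stable shared computers

def assessment_due(node, now):
    if node.last_assessed is None:
        return True, "new node: assess before connecting"
    if node.last_config_change and node.last_config_change > node.last_assessed:
        return True, "configuration changed since last assessment"
    if now - node.last_assessed >= interval_for(node):
        return True, "policy interval elapsed"
    return False, "up to date"

def plan(nodes, now):
    """Return (run_now, deferred): due nodes, split by whether they are at peak usage."""
    run_now, deferred = [], []
    for n in nodes:
        due, reason = assessment_due(n, now)
        if not due:
            continue
        # A new node is not in service yet, so peak load does not apply to it.
        at_peak = n.last_assessed is not None and now.hour in n.peak_hours
        (deferred if at_peak else run_now).append((n.ip, reason))
    return run_now, deferred

NOW = datetime(2024, 1, 12, 19, 0)  # constructed sample: a Friday evening
SAMPLE = [
    Node("192.0.2.1", "firewall", "stable", NOW - timedelta(days=2), NOW - timedelta(hours=3), range(8, 18)),
    Node("192.0.2.10", "shared", "stable", NOW - timedelta(days=3), None, range(8, 18)),
    Node("192.0.2.11", "shared", "sensitive", NOW - timedelta(days=1), None, range(18, 23)),
    Node("192.0.2.20", "web", "stable", None, None, range(0, 24)),
]
```

Calling `plan(SAMPLE, NOW)` returns the nodes to assess immediately and the due nodes held back until their peak-usage window ends.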

Review Questions

1. Describe the two main types of vulnerability assessment technology.

2. List four criteria to consider when evaluating vulnerability assessment tools.

3. When and how often should vulnerability assessment occur?

4. What components of an enterprise network are most important to check for vulnerabilities?

Rev. 0.11