1 / 7

CIT 380: Securing Computer Systems

CIT 380: Securing Computer Systems. Scanning. Vulnerability Scanning. Scan for vulnerabilities in systems Configuration errors Well-known system vulnerabilities Scanning Tools Nessus Attack Tool Kit GFI LANguard Network Security Scanner ISS Internet Scanner.

peri
Download Presentation

CIT 380: Securing Computer Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CIT 380: Securing Computer Systems Scanning CIT 380: Securing Computer Systems

  2. Vulnerability Scanning Scan for vulnerabilities in systems • Configuration errors • Well-known system vulnerabilities Scanning Tools • Nessus • Attack Tool Kit • GFI LANguard Network Security Scanner • ISS Internet Scanner CIT 380: Securing Computer Systems

  3. Vulnerability Scanner Architecture User Interface Vulnerability Database Scanning Engine Scan Results Report Generation CIT 380: Securing Computer Systems

  4. Nessus Report CIT 380: Securing Computer Systems

  5. Nessus Examples • http://nst.sourceforge.net/nst/docs/user/ch02s04.html • http://www.nessus.org/nessus/features/nessus-ss-big.png CIT 380: Securing Computer Systems

  6. Scanning Tools Summary CIT 380: Securing Computer Systems

  7. References • William Cheswick, Steven Bellovin, and Avriel Rubin, Firewalls and Internet Security, 2nd edition, 2003. • Fyodor, “The Art of Port Scanning,” http://www.insecure.org/nmap/nmap_doc.html • Fyodor, NMAP man page, http://www.insecure.org/nmap/data/nmap_manpage.html • Fyodor, “Remote OS detection via TCP/IP Stack FingerPrinting,” Phrack 54, http://www.insecure.org/nmap/nmap-fingerprinting-article.html • Simson Garfinkel, Gene Spafford, and Alan Schwartz, Practical UNIX and Internet Security, 3rd edition, O’Reilly & Associates, 2003. • Johnny Long, Google Hacking for Penetration Testers, Snygress, 2004. • Stuart McClure, Joel Scambray, George Kurtz, Hacking Exposed, 5th edition, McGraw-Hill, 2003. • Ed Skoudis, Counter Hack Reloaded, Prentice Hall, 2006. CIT 380: Securing Computer Systems

More Related