Vulnerability Study

Discussion in 'Computer Security' started by Sherman H., Sep 11, 2004.

  1. Sherman H.

    Sherman H. Guest

    I am assigned to work with a team to perform penetration testing on my
    company. I know all the tools and methodologies. Nessus will be used to
    scan ports from outside and internal.

    For the scans from outside, should I start with the website IP? Or should I
    have tools like NMAP to identify the gateway router IP and firewall IP and
    then scan the open ports on both?

    For the internal scan, what objects would be the most vulnerable? Servers?

    I just want to be well-prepared and these questions definitely help.
     
    Sherman H., Sep 11, 2004
    #1

  2. Sherman H. wrote:
    > I am assigned to work with a team to perform penetration testing on my
    > company. I know all the tools and methodologies. Nessus will be used to
    > scan ports from outside and internal.
    >
    > For the scans from outside, should I start with the website IP? Or should I
    > have tools like NMAP to identify the gateway router IP and firewall IP and
    > then scan the open ports on both?
    >
    > For the internal scan, what objects would be the most vulnerable? Servers?
    >
    > I just want to be well-prepared and these questions definitely help.
    >
    >

    nessus is your good start.
     
    66.185.95.104, Sep 11, 2004
    #2

  3. johns

    johns Guest


    > For the internal scan, what objects would be the most vulnerable?
    > Servers?

    If you take an academic approach to this, your "company"
    will be penetrated easily. Your company employees will
    set up every form of chat and message passing they can,
    and you can talk jargon and "close" all the ports you
    want, and it will mean nothing. The first place you should
    start is with a good AV, allow list on browsing, blocked
    messaging programs, email filtering, and then, maybe,
    a firewall. After that, if you are bored and have nothing
    better to do, you can look at ports.

    johns
     
    johns, Sep 12, 2004
    #3
  4. Apollo

    Apollo Guest

    "johns" <> wrote in message
    news:ci1458$2el2$...
    >
    >> For the internal scan, what objects would be the most vulnerable?
    >> Servers?
    >
    > If you take an academic approach to this, your "company"
    > will be penetrated easily. Your company employees will
    > set up every form of chat and message passing they can,
    > and you can talk jargon and "close" all the ports you
    > want, and it will mean nothing. The first place you should
    > start is with a good AV, allow list on browsing, blocked
    > messaging programs, email filtering, and then, maybe,
    > a firewall. After that, if you are bored and have nothing
    > better to do, you can look at ports.
    >


    Agreed, also consider the biggest vulnerability at the moment - allowing
    employees to enter the business with USB data devices on their person.

    I would start a vulnerability study by investigating existing software and
    security policies, including fire, flood, backup and theft policy, then look
    at external threats.

    --
    Apollo
     
    Apollo, Sep 12, 2004
    #4
  5. Jim Watt

    Jim Watt Guest

    On Sun, 12 Sep 2004 19:47:56 +0100, "Apollo"
    <ian_dunbar6@hot[un-munge-me]mail.com> wrote:

    >Agreed, also consider the biggest vulnerability at the moment - allowing
    >employees to enter the business with USB data devices on their person.
    >
    >I would start a vulnerability study by investigating existing software and
    >security policies, including fire, flood, backup and theft policy, then look
    >at external threats.


    USB devices are an issue if there is confidential information on the
    computers that you do not want copied - otherwise and for most
    companies it's irrelevant.

    Physical security is important and again it depends on the type of
    company.

    Knowing what is happening on the network and which ports are
    open is also valuable as it can identify shit that is happening;
    a good policy should prevent it getting to that stage.

    In a supermarket you are concerned with the customers stealing
    goods going out the front door and the staff out the back door
    computers are much the same and as well management needs
    to ensure they all act appropriately before going out of the doors.
    --
    Jim Watt
    http://www.gibnet.com
     
    Jim Watt, Sep 12, 2004
    #5
  6. "Apollo" <ian_dunbar6@hot[un-munge-me]mail.com> wrote in message
    news:...
    >
    > "johns" <> wrote in message
    > news:ci1458$2el2$...
    > >
    > >> For the internal scan, what objects would be the most vulnerable?
    > >> Servers?
    > >
    > > If you take an academic approach to this, your "company"
    > > will be penetrated easily. Your company employees will
    > > set up every form of chat and message passing they can,
    > > and you can talk jargon and "close" all the ports you
    > > want, and it will mean nothing. The first place you should
    > > start is with a good AV, allow list on browsing, blocked
    > > messaging programs, email filtering, and then, maybe,
    > > a firewall. After that, if you are bored and have nothing
    > > better to do, you can look at ports.
    > >

    >
    > Agreed, also consider the biggest vulnerability at the moment - allowing
    > employees to enter the business with USB data devices on their person.
    >
    > I would start a vulnerability study by investigating existing software and
    > security policies, including fire, flood, backup and theft policy, then look
    > at external threats.


    Hmm.. I would have said that the biggest vulnerability is that "b" word you
    just used - or the lack of 'em.

    Off-site too, in case of one of those catastrophic events, e.g. fire.

    --

    Hairy One Kenobi

    Disclaimer: the opinions expressed in this opinion do not necessarily
    reflect the opinions of the highly-opinionated person expressing the opinion
    in the first place. So there!
     
    Hairy One Kenobi, Sep 13, 2004
    #6
  7. Apollo

    Apollo Guest

    "Hairy One Kenobi" <abuse@[127.0.0.1]> wrote in message
    news:Qxg1d.376$...
    > "Apollo" <ian_dunbar6@hot[un-munge-me]mail.com> wrote in message
    > news:...
    >>
    >> Agreed, also consider the biggest vulnerability at the moment - allowing
    >> employees to enter the business with USB data devices on their person.
    >>
    >> I would start a vulnerability study by investigating existing software and
    >> security policies, including fire, flood, backup and theft policy, then
    >> look at external threats.

    >
    > Hmm.. I would have said that the biggest vulnerability is that "b" word you
    > just used - or the lack of 'em.
    >
    > Off-site too, in case of one of those catastrophic events, e.g. fire.
    >


    Yes, I should probably have phrased that something like "one of the newest
    serious threats to confidential material".

    The B word should be taken more seriously than it usually is, hands up who
    knows of someone who made regular backups and never tested them?

    --
    Apollo
     
    Apollo, Sep 13, 2004
    #7
  8. void

    void Guest

    In article <>, ian_dunbar6@hot[un-munge-me]mail.com says...
    > Agreed, also consider the biggest vulnerability at the moment - allowing
    > employees to enter the business with USB data devices on their person.


    Not just USB devices, digital cameras (memory cards), PDA - can steal
    info, laptops, to connect via dial-up, etc...

    --
    --

    (Remove 999 to reply to me)
     
    void, Sep 14, 2004
    #8
  9. void

    void Guest

    In article <>,
    _way says...
    > USB devices are an issue if there is confidential information on the
    > computers that you do not want copied - otherwise and for most
    > companies it's irrelevant.


    Infected files, malarious content, etc... Not just theft of information
    is at question here.

    --
    --

    (Remove 999 to reply to me)
     
    void, Sep 14, 2004
    #9
  10. Khaled

    Khaled Guest

    "Sherman H." <> wrote in
    news::

    > I am assigned to work with a team to perform penetration
    > testing on my company. I know all the tools and
    > methodologies. Nessus will be used to scan ports from
    > outside and internal.
    >
    > For the scans from outside, should I start with the website
    > IP? Or should I have tools like NMAP to identify the
    > gateway router IP and firewall IP and then scan the open
    > ports on both?
    >
    > For the internal scan, what objects would be the most
    > vulnerable? Servers?
    >
    > I just want to be well-prepared and these questions
    > definitely help.
    >
    >
    >


    Not knowing the exact situation in your institution I'd say
    that you should look into the possibility of using a NAS
    server, at least for the data, with diskless workstations.
    The management of such an appliance is easier, as would be
    security issues. This leaves the question of ports, which
    can be managed with strong operating systems security
    management.

    NAS: Network Attached Storage
     
    Khaled, Sep 17, 2004
    #10