B FOR 204 Lecture Notes - Lecture 6: Simple Mail Transfer Protocol, Telnet, Apache Http Server
2 Jun 2018
School
Department
Course
Professor
BFOR 204
Vulnerability Assessment
Definition – Vulnerability
• A weakness in the computational logic (e.g., code) found in software and
hardware components that, when exploited, results in a negative impact to
confidentiality, integrity, or availability.
• Mitigation of the vulnerabilities in this context typically involves coding changes,
but could also include specification changes or even specification deprecations
(e.g., removal of affected protocols or functionality in their entirety).
Network Strengthening and Vulnerability Assessment
• Security professionals improve security of their networks by looking for
vulnerabilities.
• Penetration testing follows a methodology similar to that of the attackers of the
network, only without the malicious payloads or unauthorized access.
• By performing a penetration test, the vulnerabilities in a network can be
identified.
Penetration testing methodology
1) Enumerate the network
• What machines are attached and operating
• Any open ports?
• Helps in identifying the current network layout
2) Assess vulnerabilities
• Using vulnerability scanner to identify vulnerabilities
3) Research vulnerabilities for known exploits
• The vulnerabilities are further researched online
4) Use tools to penetrate the network
• Metasploit Framework
Nmap Scanning
1) Identify the hosts, ports and services that are available
2) Identify the operating system that is running on the host
• Stack fingerprinting –subtle, the differentiation of these responses
makes it possible to determine the operating system. Different operating
systems implement TCP/IP in slightly different ways. Though system.
3) Identify the type of services running on the target computer
• Such type of the server and the version (for Apache HTTP Server, whether
version 2.2 or 2.4)
find more resources at oneclass.com
find more resources at oneclass.com
