vulnerability assesment
DESCRIPTION
Workshop keamanan jaringanTRANSCRIPT
Vulnerability AssesmentNetwork Security Workshop
Dedi Dwianto, C|EH, OSCPDaftar ISI
2
Contents
Technical Vulnerability Management
Vulnerability analysis tools
3
Technical Vulnerability Management
vulnerability analysis and assessment is an important element of each required activity in the NIST Risk Management Framework (RMF).
This RMF comprises six steps, into each of which vulnerability analysis and assessment is to be integrated:
4
Technical Vulnerability Management
Step 1: Categorize Information Systems.
Step 2: Select Security Controls
Step 3: Implement Security Controls.
Step 4: Assess Security Controls.
Step 5: Authorize Information Systems.
Step 6: Monitor Security Controls.
5
Technical Vulnerability Management
To reduce risks resulting from exploitation of published technical vulnerabilities.
Technical vulnerability management should be implemented in an effective, systematic, and repeatable way with measurements taken to confirm its effectiveness.
These considerations should include operating systems, and any other applications in use.
6
Technical Vulnerability Management
A current and complete inventory of assets is a prerequisite for effective technical vulnerability management.
Specific information needed to support technical vulnerability management includes the software vendor, version numbers, current state of deployment (e.g. what software is installed on what systems), and the person(s) within the organization responsible for the software.
7
Technical Vulnerability Management
The following guidance should be followed to establish an effective management process for technical vulnerabilities the organization should define and establish the
roles and responsibilities associated with technical vulnerability management, including vulnerability monitoring, vulnerability risk assessment, patching, asset tracking, and any coordination responsibilities required;
8
Technical Vulnerability Management
information resources that will be used to identify relevant technical vulnerabilities and to maintain awareness about them should be identified for software and other technology
a timeline should be defined to react to notifications of potentially relevant technical vulnerabilities;
once a potential technical vulnerability has been identified, the organization should identify the associated risks and the actions to be taken; such action could involve patching of vulnerable systems and/or applying other controls;
9
Technical Vulnerability Management
depending on how urgently a technical vulnerability needs to be addressed, the action taken should be carried out according to the controls related to change management
a timeline should be defined to react to notifications of potentially relevant technical vulnerabilities;
an audit log should be kept for all procedures undertaken
systems at high risk should be addressed first.
10
The Patch and Vulnerability Group
The PVG should be a formal group that incorporates representatives from information security and operations.
These representatives should include individuals with knowledge of vulnerability and patch management, as well as system administration, intrusion detection, and firewall management.
11
The duties of the PVG
Create a System Inventory.
Monitor for Vulnerabilities, Remediations, and Threats.
Prioritize Vulnerability Remediation.
Create an Organization-Specific Remediation Database
Conduct Generic Testing of Remediations.
Deploy Vulnerability Remediations.
Distribute Vulnerability and Remediation Information to Local Administrators.
Perform Automated Deployment of Patches.
12
The duties of the PVG
Configure Automatic Update of Applications Whenever Possible and Appropriate.
Verify Vulnerability Remediation Through Network and Host Vulnerability Scanning.
Vulnerability Remediation Training.
13
Report Organization
Section1 Introduction to purpose, organization, scope, and assumptions for this Report.
Section 2 Overview of automated vulnerability assessment tools—including descriptions of the various types of automated vulnerability assessment tools currently available
Section 3 Catalogue of descriptions of current vulnerability assessment tools, categorized by type.
Section 4 Representative listing of vulnerability assessment tools
Section 5 List of resources to additional detailed information about IT and network vulnerability assessment and assessment tools.
14
Vulnerability Analysis tools
Vulnerability assessment tools generally work by attempting to automate the steps often employed to exploit vulnerabilities: they begin by performing a “footprint” analysis to determine what network services and/or software programs (including versions and patch levels) run on the target.
Vulnerability assessment tools help in that integration, by automating the detection, identification, measurement, and understanding of vulnerabilities found in ICT components at various levels of a target ICT system or infrastructure.
15
Vulnerability Analysis tools
Most vulnerability assessment tools are capable of scanning a number of network nodes, including networking and networked devices (switches, routers, firewalls, printers, etc.), as well as server, desktop, and portable computers.
The type and level of detail of a vulnerability assessment tool’s findings varies from tool to tool.
16
Tool type
Network Scanners
Host Scanners
Database Scanners
Web Application Scanners
Multilevel Scanners
Automated Penetration Test Tools
Vulnerability Scan Consolidators
17
Network Scanners
Assuria Auditor and Auditor RA
Infiltration Systems Infiltrator for Home Users
Microsoft® Attack Surface Analyzer
NileSOFT Secuguard SSE
Numara® Vulnerability Manager
SoftRun Inciter Vulnerability Manager
ThreatGuard® Secutor
18
Host Scanners
Beyond Security® Automated Vulnerability Detection System Host Scanners
Black Falcon/Net Security Suite Falcon Vulnerability Analysis
DragonSoft Vulnerability Management
eEye® Retina® Network
Fortinet® FortiScan 4.1.0
FuJian RongJi RJ-iTOP
GFI LANguard®
19
Database Scanners
Application Security AppDetectivePro
DBAPPSecurity MatriXay 3.6
Fortinet FortiDB
Imperva® Scuba
McAfee Repscan and McAfee Vulnerability Manager for Databases
NGSSecure NGS SQuirreL
Safety-Lab Shadow Database Scanner
20
Web Application Scanners
Acunetix® Web Vulnerability Scanner
Casaba Watcher 1.5.1
Cenzic® Hailstorm® Enterprise Application Risk Controller
eEye Retina Web
Grabber
Mavutina Netsparker®
HP WebInspect®
21
Multilevel Scanners
Integrigy AppSentry
Open Vulnerability Assessment System 4
SAINT® Professional and SAINT® Enterprise
Symantec® Control Compliance Suite: Vulnerability Manager
Tenable® Nessus®
Venusense Vulnerability Scanning and Management System
22
AUTOMATED PENETRATION TEST TOOLS
Arachni
CORE IMPACT® Pro
CORE INSIGHT Enterprise
Google® Skipfish
Immunity® CANVAS® Professional
Rapid7® Metasploit®
Rapid7 NeXpose
23
Monitoring Vulnerabilities
Vendor Web sites and mailing lists
Third-party Web sites
Third-party mailing lists and newsgroups
Vulnerability scanners
Vulnerability databases
Enterprise patch management tools
Other notification tools.
24
Monitoring Vulnerabilities
http://web.nvd.nist.gov/
http://secunia.com
http://www.exploit-db.com/