CompNtwk : Lab 1.4.5 Identifying Network Vulnerabilities

Step 1: Open the SANS Top 20 List

Using a web browser, go to http://www.sans.org/. On the Resources menu, choose Top 20 List. The SANS Top-20 Internet Security Attack Targets list is organized by category. An identifying letter indicates the category type, and numbers separate category topics. Router and switch topics fall under the Network Devices category, N. There are two major hyperlink topics:

 

N1. VoIP Servers and Phones

N2. Network and Other Devices Common Configuration Weaknesses

Step 2: Review common configuration weaknesses

  1. Click hyperlink N2. Network and Other Devices Common Configuration Weaknesses.
  2. List the four headings in this topic.

 

Step 3: Review common default configuration issues

Review the contents of N2.2 Common Default Configuration Issues. As an example, N.2.2.2 (in January 2007) contains information about threats associated with default accounts and values. A Google search on “wireless router passwords” returns links to multiple sites that publish lists of wireless router default administrator account names and passwords. Failure to change the default password on these devices can lead to compromised security and vulnerability to attackers.

Step 4: Note the CVE references

The last line under several topics cites references to CVE, or Common Vulnerabilities and Exposures. The CVE name is linked to the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD), sponsored by the United States Department of Homeland Security (DHS) National Cyber Security Division and US-CERT, which contains information about the vulnerability.

Step 5: Investigate a topic and associated CVE hyperlink

The remainder of this lab walks you through a vulnerability investigation and solution. Choose a topic to investigate, and click on an associated CVE hyperlink. The link should open a new web browser connected to http://nvd.nist.gov/ and the vulnerability summary page for the CVE.

NOTE: Because the CVE list changes, the current list may not contain the same vulnerabilities as those in January 2007.

Step 6: Record vulnerability information

Complete the information about the vulnerability. Answers vary.

Original release date: ____________________________

Last revised: ___________________________________

Source: _______________________________________

Overview: _____________________________________

Step 7: Record the vulnerability impact

Under Impact, there are several values. The Common Vulnerability Scoring System (CVSS) severity is displayed and contains a value between 1 and 10. Complete the information about the vulnerability impact. Answers vary.

CVSS Severity: ______________________________________________

 

Access Complexity: ______________________________________________

Authentication: __________________________________________________

Impact Type: ___________________________________________________

Step 8: Record the solution

The References to Advisories, Solutions, and Tools section contains links with information about the vulnerability and possible solutions. Answer: Using the hyperlinks, write a brief description of the solution found on those pages. Answers vary.

Step 9: Reflection

The number of vulnerabilities to computers, networks, and data continues to increase. Many national governments have dedicated significant resources to coordinating and disseminating information about security vulnerabilities and possible solutions. It remains the responsibility of the end user to implement the solution. Think of ways that users can help strengthen security. Write down some user habits that create security risks.

Answer: Using weak passwords, Writing down passwords, Not changing passwords frequently, Not securing workstations when leaving them unattended, Not following procedures or protocols when divulging network information (checking a person’s identity and clearance to have that information). Creating a “work-around” solution to a current security requirement (if it impedes a work process) instead of formally requesting that the issue be reviewed and amended. (Network administrators also need to be aware that network functionality is essential and that implementing security measures that render a business network feature inoperable is not viable.)

 
