Running Head: VULNERABILITY ASSESSMENT
Memo
To: IT security supervisor
From:
Subject: Request Of Permission To Purchase A Network Penetration Tool
Following the recent attacks on the police department server, I have drafted this report on the need for an immediate vulnerability assessment of the network. It presents the candidate network penetration testing tools, compares their limitations, and explains how each would be used in this scenario.
Network Penetration Tools
Nmap (Network Mapper)
Nmap is a security scanner written by Gordon Lyon. It is used mainly to discover the hosts and services on a computer network, building a map of that network. To do this, Nmap sends specially crafted packets to the target host and analyzes the responses (Alder et al., 2007). Unlike many other port scanners, Nmap adapts to network conditions such as latency fluctuations and congestion. It has a large and active user community that provides feedback and contributes code back to the project. Nmap runs on Windows, Linux, Solaris, Mac OS X and HP-UX; Linux is the most popular platform for it, followed by Microsoft Windows.
Nmap is used to discover the computers on a network and the services they offer. Because it probes ports directly, it can find services even when they do not advertise themselves through a service discovery protocol. It can also be used to determine details of a remote computer, such as its operating system and the versions of the services it runs.
Nessus
Nessus is a comprehensive vulnerability scanner. It is free of charge for limited personal use; enterprise use requires a paid licence. Its purpose is to detect potential threats on the system being tested (Alder et al., 2007): vulnerabilities that would let an attacker access or control sensitive data, denial-of-service conditions, misconfigurations and default passwords. Nessus first scans the target with one of its four port scanners to determine which ports are open, and then runs its checks against the services found on those ports; it reports weaknesses rather than exploiting them. The checks are written in the Nessus Attack Scripting Language (NASL), a scripting language optimized for custom network interaction.
Scan results can be reported in several formats, such as XML, HTML or plain text, and saved for later review. On UNIX, scans can be automated with a command-line client. Nessus runs on both UNIX and Windows; early versions were open source, while current versions are proprietary with a free edition for limited use. The tool can also be used to audit systems for compliance with a specific configuration policy.
Metasploit Project
The Metasploit Project is an open-source computer security project that provides information about security vulnerabilities and supports penetration testing. It also ships anti-forensic and evasion tools. Metasploit was rewritten in the Ruby programming language and at the time became one of the largest Ruby projects in existence (Alder et al., 2007). It is comparable to commercial products such as Core Security's Core Impact and Immunity's Canvas, and it can be used both to defend and to break into remote systems. Metasploit has been applied in both legitimate and unauthorized activities, and it is widely used by third-party security researchers investigating potential vulnerabilities.
The Limitation of Network Penetration Tools
Network Mapping (Nmap)
To begin with, Nmap only takes a single snapshot of the network at a time. Its reporting is also limited: the raw output is not in a format that is easy to read, although this can be overcome with tools that filter and store Nmap data, such as PBNJ. Nmap can be used for malicious hacking and can tamper with computer security (Alder et al., 2007): it lets an attacker identify systems that are running vulnerable services. Nmap scans can also confuse vulnerability assessment tools such as Nessus.
Nessus
Nessus has a limit on the number of IP addresses or websites that it can scan. It cannot work fully without being registered; an unregistered copy carries unnecessary limitations. Compared with other tools Nessus is expensive, whereas tools such as Nmap are open source and free.
Metasploit project
The entire network has to be mapped before vulnerabilities can be tested. Metasploit is oriented toward network penetration testing, which leaves wireless and client-side testing less well covered. The commercial editions are also expensive to buy.
How these tools perform a network penetration test
Nmap
Nmap uses raw IP packets in novel ways to determine which hosts are present on the network, what services those hosts offer, which operating system versions they run and what kind of packet filters or firewalls are in use. It is used in security audits and is very helpful to network administrators, who use it for network inventory, monitoring service uptime and scheduling upgrades (Alder et al., 2007). Nmap's output is a list of the scanned targets with supplementary information depending on the options used. The most important part of that information is the "interesting ports" table, which lists the port number and protocol, the state and the service name.
The state can be open, closed, filtered or unfiltered. Open means that an application on the target machine is listening for connections or packets on that port. Filtered means that a firewall or filter is blocking the port in such a way that Nmap cannot tell whether it is open or closed. Closed means that the port is reachable but no application is listening on it. A port is classified as unfiltered when it responds to Nmap's probes but Nmap cannot determine whether it is open or closed (Alder et al., 2007). Beyond the interesting ports table, Nmap can provide further details about the targets, such as reverse DNS names, MAC addresses, operating system guesses and device types, and with a protocol scan it can report which IP protocols a host supports.
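The port table described above can be read back from Nmap's XML output (the -oX option) rather than from the screen, which is how the results would be fed to Nessus or Metasploit targeting. The Python script below is an example added to this memo; it is not code from the memo, from the cited book or from the Nmap project. The XML inside it is constructed by hand (addresses, host name, MAC and version strings are made up) and trimmed to the elements the parser reads; the function names are this example's own.

```python
"""Turn Nmap XML output (nmap -oX) into the per-host port table the memo describes.

Added example for this memo; not code from the memo, the cited book or the
Nmap project. The XML below is constructed by hand and trimmed to the elements
this parser reads. A real file would come from, for example:
    nmap -sS -sV -O -oX scan.xml 10.0.0.0/29
"""
import xml.etree.ElementTree as ET

# Constructed sample: one host with open/filtered ports and an OS guess,
# one host where every port is filtered, and one host that is down.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sS -sV -O -oX scan.xml 10.0.0.0/29">
  <host>
    <status state="up" reason="arp-response"/>
    <address addr="10.0.0.5" addrtype="ipv4"/>
    <address addr="00:11:22:33:44:55" addrtype="mac"/>
    <hostnames><hostname name="records.example" type="PTR"/></hostnames>
    <ports>
      <extraports state="closed" count="997"/>
      <port protocol="tcp" portid="22">
        <state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="8.9"/>
      </port>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack"/>
        <service name="http" product="nginx"/>
      </port>
      <port protocol="tcp" portid="3389">
        <state state="filtered" reason="no-response"/>
        <service name="ms-wbt-server"/>
      </port>
    </ports>
    <os><osmatch name="Linux 5.X" accuracy="95"/></os>
  </host>
  <host>
    <status state="up" reason="echo-reply"/>
    <address addr="10.0.0.6" addrtype="ipv4"/>
    <hostnames/>
    <ports>
      <extraports state="filtered" count="1000"/>
    </ports>
  </host>
  <host>
    <status state="down" reason="no-response"/>
    <address addr="10.0.0.7" addrtype="ipv4"/>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Return one dict per host that is up: ip, mac, hostname, os, ports, extraports."""
    hosts = []
    root = ET.fromstring(xml_text)
    for host in root.findall("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # down hosts have no port table worth reporting
        addrs = {a.get("addrtype"): a.get("addr") for a in host.findall("address")}
        hostname = host.find("hostnames/hostname")
        osmatch = host.find("os/osmatch")  # first (best) OS guess, if -O was used
        entry = {
            "ip": addrs.get("ipv4"),
            "mac": addrs.get("mac"),
            "hostname": hostname.get("name") if hostname is not None else None,
            "os": osmatch.get("name") if osmatch is not None else None,
            "ports": [],
            # extraports summarizes the ports not listed individually
            "extraports": {e.get("state"): int(e.get("count"))
                           for e in host.findall("ports/extraports")},
        }
        for port in host.findall("ports/port"):
            state = port.find("state")
            service = port.find("service")
            entry["ports"].append({
                "port": int(port.get("portid")),
                "protocol": port.get("protocol"),
                "state": state.get("state"),
                "service": service.get("name") if service is not None else None,
                "product": service.get("product") if service is not None else None,
                "version": service.get("version") if service is not None else None,
            })
        hosts.append(entry)
    return hosts


def open_ports(hosts):
    """Map ip -> 'port/proto service (product version)' rows for open ports, by port number."""
    table = {}
    for h in hosts:
        rows = []
        for p in sorted(h["ports"], key=lambda p: p["port"]):
            if p["state"] != "open":
                continue  # filtered/closed ports are not targets for the next stage
            detail = " ".join(x for x in (p["product"], p["version"]) if x)
            rows.append(f"{p['port']}/{p['protocol']} {p['service']}"
                        + (f" ({detail})" if detail else ""))
        table[h["ip"]] = rows
    return table


if __name__ == "__main__":
    hosts = parse_nmap_xml(SAMPLE_XML)
    for h in hosts:
        print(h["ip"], h["hostname"] or "-", h["mac"] or "-", h["os"] or "-", h["extraports"])
        for row in open_ports(hosts)[h["ip"]]:
            print("   ", row)
```

The second host in the sample shows the "filtered" case from the paragraph above: all 1,000 probed ports are summarized as filtered, so the open-port list for it is empty and Nmap cannot say what is listening behind the firewall.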
Nessus
Nessus is a remote security scanner that runs over 12,000 checks against a remote computer in a single scan. This helps to find weaknesses before attackers can use them to break into the system. To understand how Nessus operates, one has to understand the services that can be reached remotely on a server. Higher-level application traffic reaches the server over reliable TCP streams, and ports are logical endpoints that keep the different streams from interfering with each other. To talk to a web server on a remote machine you connect to a port, typically the standard HTTP port (port 80); to reach the SMTP server on the same machine you connect to port 25. Nessus works by probing the ports to determine which services are active and then testing those services for vulnerabilities that hackers could use to attack (Alder et al., 2007). Nessus is also called a "remote scanner" because it does not need to be installed on the computer being tested.
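Because Nessus reports per port and per check, the useful next step for the supervisor is a summary by host and severity with the high and critical items pulled out for remediation. The Python script below does that for a Nessus XML export (the .nessus format). It is an example added to this memo, not code from the memo, from the cited book or from Tenable. The export inside it is constructed by hand and trimmed to the attributes the parser reads (plugin IDs are omitted and the plugin names are made up); the function names are this example's own.

```python
"""Summarize a Nessus export (.nessus, NessusClientData_v2 XML) by host and severity.

Added example for this memo; not code from the memo, the cited book or Tenable.
The export below is constructed by hand and trimmed to the attributes this
parser reads (pluginID and most child elements omitted, plugin names made up).
Nessus severity is 0-4: Info, Low, Medium, High, Critical.
"""
import xml.etree.ElementTree as ET

SEVERITY_LABELS = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed sample: two hosts, four report items of differing severity.
SAMPLE_NESSUS = """<?xml version="1.0" ?>
<NessusClientData_v2>
<Report name="constructed-sample">
  <ReportHost name="10.0.0.5">
    <HostProperties>
      <tag name="host-ip">10.0.0.5</tag>
      <tag name="operating-system">Linux Kernel 5.x</tag>
    </HostProperties>
    <ReportItem port="22" svc_name="ssh" protocol="tcp" severity="0"
                pluginName="Service banner recorded (constructed)">
      <risk_factor>None</risk_factor>
    </ReportItem>
    <ReportItem port="80" svc_name="www" protocol="tcp" severity="2"
                pluginName="Login form submitted over plain HTTP (constructed)">
      <risk_factor>Medium</risk_factor>
      <cvss_base_score>5.0</cvss_base_score>
    </ReportItem>
    <ReportItem port="3306" svc_name="mysql" protocol="tcp" severity="4"
                pluginName="Database accepts default credentials (constructed)">
      <risk_factor>Critical</risk_factor>
      <cvss_base_score>10.0</cvss_base_score>
    </ReportItem>
  </ReportHost>
  <ReportHost name="10.0.0.6">
    <HostProperties>
      <tag name="host-ip">10.0.0.6</tag>
    </HostProperties>
    <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="3"
                pluginName="File sharing service missing vendor patch (constructed)">
      <risk_factor>High</risk_factor>
      <cvss_base_score>7.5</cvss_base_score>
    </ReportItem>
  </ReportHost>
</Report>
</NessusClientData_v2>
"""


def parse_nessus(xml_text):
    """Return one dict per ReportItem: host, port, protocol, service, severity, name, cvss."""
    findings = []
    root = ET.fromstring(xml_text)
    for host in root.iter("ReportHost"):
        host_name = host.get("name")
        for item in host.findall("ReportItem"):
            cvss = item.findtext("cvss_base_score")  # absent on informational items
            findings.append({
                "host": host_name,
                "port": int(item.get("port")),
                "protocol": item.get("protocol"),
                "service": item.get("svc_name"),
                "severity": int(item.get("severity")),
                "name": item.get("pluginName"),
                "cvss": float(cvss) if cvss is not None else None,
            })
    return findings


def severity_counts(findings):
    """Map host -> {severity label: count}, ignoring severity-0 informational items."""
    counts = {}
    for f in findings:
        if f["severity"] == 0:
            continue
        label = SEVERITY_LABELS[f["severity"]]
        per_host = counts.setdefault(f["host"], {})
        per_host[label] = per_host.get(label, 0) + 1
    return counts


def actionable(findings, min_severity=3):
    """Findings at or above min_severity, most severe first, for the remediation list."""
    hits = [f for f in findings if f["severity"] >= min_severity]
    return sorted(hits, key=lambda f: (-f["severity"], f["host"], f["port"]))


if __name__ == "__main__":
    findings = parse_nessus(SAMPLE_NESSUS)
    for host, counts in severity_counts(findings).items():
        print(host, counts)
    for f in actionable(findings):
        print(f"{SEVERITY_LABELS[f['severity']]:8} {f['host']}:{f['port']}/{f['protocol']} "
              f"cvss={f['cvss']} {f['name']}")
```

The threshold of 3 (High) in actionable() is a choice for this example; lowering it to 2 would pull the plain-text login form into the remediation list as well, which is what the memo's point about default passwords and misconfiguration argues for.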
Metasploit project
The Metasploit Project exists to deliver a consistent, all-encompassing platform that supports rapid exploit development for both researchers and professionals. In recent years the project has also released exploit modules for specific bugs. Metasploit 3.0 added fuzzing tools for discovering vulnerabilities in software, and the platform can be used to build security test tools and exploit modules (Alder et al., 2007). The interface guides the user through discovering hosts, gaining access to the target systems and controlling them while collecting evidence. Two commercial products, Metasploit Pro and Metasploit Express, add enhanced capabilities such as VPN pivoting and custom web application testing.
References
Alder, R., et al. (2007). How to Cheat at Configuring Open Source Security Tools. Massachusetts: Syngress.

Jermaine Byrant
Nicole Johnson