Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References

Network Scanning and Vulnerability Assessment

with Report Generation
NIKITA JHALA(12MCE12)
CSE-INS,
IT,Nirma University
May 13, 2014
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Project Prole
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Problem Statement
To scan the network and nd internal as well as external
threats in IPR.
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
1 Topics Covered in previous Reviews
Key points
2 Literature Survey
3 Existing Tools
4 Implementation
Implementation Method
Generic Architecture
Overview of OpenVAS
Overview of NMAP
Tool Developed:Network Scanner
5 Conclusion & Future Work
6 References
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Topics Covered in previous Reviews
1 Topics Covered in Review 1
Project Objectives
Literature Survey
Scope Of Project
Testing Method
Project Plan
2 Topics Covered in Review 2
Working Technology Behind NMAP (Scanning Techniques,
Ping Options, Fingerprinting)
Proposed Architecture for integrated Scanner
Issues in integration
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Key points
Outline
1 Topics Covered in previous Reviews
Key points
2 Literature Survey
3 Existing Tools
4 Implementation
Implementation Method
Generic Architecture
Overview of OpenVAS
Overview of NMAP
Tool Developed:Network Scanner
5 Conclusion & Future Work
6 References
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Key points
Introduction
What is Network Scanner?
What is vulnerability assessment and penetration testing
Why Vulnerability Assessment is needed?
Purpose of Project
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Tools Used
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Conclusion of Literature Survey
Recommended approach to vulnerability scanning is to:
Tune the vulnerability scan proles to suit your requirements
Perform detailed analysis of the results
Run secondary tools (nmap, a secondary vulnerability
scanning solution and / or specialised tools). The use of
multiple tools will provide a greater level of coverage and
assist in conrming discovered vulnerabilities.
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Implementation Method
Outline
1 Topics Covered in previous Reviews
Key points
2 Literature Survey
3 Existing Tools
4 Implementation
Implementation Method
Generic Architecture
Overview of OpenVAS
Overview of NMAP
Tool Developed:Network Scanner
5 Conclusion & Future Work
6 References
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Implementation Method
Implementation Method
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Generic Architecture
Outline
1 Topics Covered in previous Reviews
Key points
2 Literature Survey
3 Existing Tools
4 Implementation
Implementation Method
Generic Architecture
Overview of OpenVAS
Overview of NMAP
Tool Developed:Network Scanner
5 Conclusion & Future Work
6 References
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Generic Architecture
Generic Architecture
Figure : Generic Architecture of Network Scanner
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Overview of OpenVAS
Outline
1 Topics Covered in previous Reviews
Key points
2 Literature Survey
3 Existing Tools
4 Implementation
Implementation Method
Generic Architecture
Overview of OpenVAS
Overview of NMAP
Tool Developed:Network Scanner
5 Conclusion & Future Work
6 References
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Overview of OpenVAS
OpenVAS
The Open Vulnerability Assessment System (OpenVAS) is a framework of
several services and tools.
Services:
1 Core:OpenVAS Scanner executes the actual Network Vulnerability
Tests (NVTs) which are served with daily updates via the OpenVAS
NVT Feed or via a commercial feed service.
2 Central Service:OpenVAS Manager consolidates plain
vulnerability scanning into a full vulnerability management solution.
3 OpenVAS Administrator acts as a command line tool or as a full
service daemon oering the OpenVAS Administration Protocol
(OAP). The most important tasks are the user management.
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Overview of OpenVAS
Architecture Overview: OpenVAS Services
Figure : OpenVAS Architecture
The OpenVAS Scanner oers the communication protocol OTP (OpenVAS
Transfer Protocol) which allows to control the scan execution. Traditionally,
the desktop- and cli-tool OpenVAS Client acts as a direct OTP client.
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Overview of OpenVAS
Architecture Overview: OpenVAS Services
Figure : OpenVAS Architecture
The Manager controls the Scanner via OTP (OpenVAS Transfer Protocol) and
itself oers the XML-based, stateless OpenVAS Management Protocol (OMP).
All intelligence is implemented in the Manager so that it is possible to
implement various lean clients that will behave consistently e.g. with regard to
ltering or sorting scan results.
The Manager also controls a SQL database (sqlite-based) where all
conguration and scan result data is centrally stored.
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Overview of OpenVAS
Architecture Overview: OpenVAS Services
Figure : OpenVAS Architecture
The OpenVAS Administrator oers the OpenVAS Administration Protocol
(OAP) which oers tasks are the user management and feed management.
OpenVAS CLI contains the command line tool omp which allows to create
batch processes to drive OpenVAS Manager.
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Overview of NMAP
Outline
1 Topics Covered in previous Reviews
Key points
2 Literature Survey
3 Existing Tools
4 Implementation
Implementation Method
Generic Architecture
Overview of OpenVAS
Overview of NMAP
Tool Developed:Network Scanner
5 Conclusion & Future Work
6 References
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Overview of NMAP
NMAP
Figure : NMAP Overview
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Overview of NMAP
NMAP Vulnerability assessment
Nmap NSE Vulscan 2.0: script written for nmap that adds vulnerability
scanning.
Working:
1 The nmap option -sV enables version detection per service
which is used to determine potential aws according to the
identied product.
2 The data is looked up in an oine version of dierent
vulnerability databases.
Usage:nmap -sV script =
vulscan www.example.com [script-args vulscandb =
your own database]
Databases used: cve,exploitdb,openvas,ovsdb, scipvuldb, securityfocus,
securitytracker, xforce
Disadvantage: Large no. of false positive
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Tool Developed:Network Scanner
Outline
1 Topics Covered in previous Reviews
Key points
2 Literature Survey
3 Existing Tools
4 Implementation
Implementation Method
Generic Architecture
Overview of OpenVAS
Overview of NMAP
Tool Developed:Network Scanner
5 Conclusion & Future Work
6 References
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Tool Developed:Network Scanner
Network Scanner: Architecture
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Tool Developed:Network Scanner
Network Scanner: Features Overview
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Tool Developed:Network Scanner
Network Scanner: Features Overview
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Tool Developed:Network Scanner
Issues Targeted & Solutions
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Tool Developed:Network Scanner
How Scan duration can be reduced?
Perform Nmap Scan
Upload or Load Nmap output to OpenVAS Module
Create Scan Conguration with this Nmap
Run Task
Results
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Tool Developed:Network Scanner
Network Scanner:Limitations
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Tool Developed:Network Scanner
Network Scanner: Demo Overview
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Conclusion & Future Work
Conclusion: Network Scanner uses best of both tools.Also user do
not require to do any installation or conguration to
use this tool.
Its report generation is much better than both
tools.This report generated are meant for higher
authorities and non-technical people who want to
have knowledge of their organizations network.
Future Work: Phase 4
Figure : Project Plan
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
TIMELINE
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
References
VeriSign White Paper, An Introduction to Network Vulnerability Testing
Gordon Fyodor Lyon, Nmap Network Scanning:Ocial Nmap Project Guide
to Network Discovery and Security Scanning, Insecure Press , ISBN-10:
0979958717
James Messer,Secrets of Network Cartography: A comprehensive guide to
Nmap, A NetworkUptime.com Publication
Feng Cheng, Sebastian Roschke, Christoph Meinel, An Integrated Network
Scanning Tool for Attack Graph Construction,6th International Conference on
Advances in Grid and Pervasive Computing (GPC 2011), Oulu, Finland, May
2011
VrmlMap:3D mapping of computer networks , Available at:
http://www-moncube.cea.fr/doku.php/en:vrml:vrml
Hagen Hopfner,Visualizing your network with RadialNet,Linux Magazine,
September 2008, Issue 94
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation
Topics Covered in previous Reviews Literature Survey Existing Tools Implementation Conclusion & Future Work References
Thank You
CSE Department CSE-INS,IT,Nirma University
Network Scanning and Vulnerability Assessment with Report Generation