Network Security Tools
1. Software Security
Network Security Tools
Presented by
Emanuela Boroș
“Al. I. Cuza” University, Faculty of Computer Science
Master of Software Engineering, II
2. Audit/Port Scanning Tools
● Nessus (Vulnerability scanner) #3
● SAINT (Vulnerability scanner, based on
SATAN, developed by World Wide Security, Inc.) #110
● Sara (Security Auditor’s Research Assistant,
SANS Top 10 Threats, 1 May 2009)
● Nmap, strobe (Port scanners; strobe was one of the
earliest port scanning tools, Nmap is strobe's
grandson)
4. Nessus Scanner
● Available from http://www.nessus.org/products/nessus/
● The world's leading vulnerability scanner
● Free for home users, licensed on a yearly subscription
for commercial businesses
● Easy-to-use tool
● Linux/Solaris/Windows/Android/iPhone
● Provides HTML-based reports
● Client/server architecture: clients (Windows, Unix,
Android, iPhone) & servers (Unix only)
5. Pros/Cons
Pros
● Free vulnerability scanning
● Easy to install and use
● Up-to-date security vulnerability database
● Free for home users
● Powerful plug-in architecture
Cons
● Needs activation code
● Some UI issues
6. Policies
A Nessus “policy” consists of configuration options
related to performing a vulnerability scan.
● External Network Scan
● scans externally facing hosts
● XSS plugin families
● all 65,535 ports are scanned
● Internal Network Scan
● scans large internal networks with many hosts, several exposed services, and
embedded systems such as printers
● standard set of ports is scanned
● Web App Tests
● scans for vulnerabilities present in each of the parameters, including XSS,
SQL injection and command injection
● Prepare for PCI DSS audits
● enables the built-in PCI DSS compliance checks that compare scan results
with the PCI standards and produce a report on your compliance posture
12. Internal Network Scan
● Default policy
● scans large internal networks with many hosts, several exposed services, and
embedded systems such as printers
● standard set of ports is scanned
19. Steps
● App that requires authentication
● Create a policy
● General - Port 80
● Preferences
● HTTP login page
● Login page and login form (may be a different form)
● Look in your HTML to see what the field names are, or
use a sniffer to see what is sent in the POST request
● Ability to check for authentication: after logging in successfully, a timer
revisits this page at every delay to see if you're still logged in;
with a delay of 120 seconds, you should see the regex match
"Logout"
● Web mirroring: regular expressions to exclude things; set the web
spider to exclude logout.php because that would log you out
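Added example (not from the original slides): a Python sketch of the preparation these steps describe, finding the login form's field names in the HTML, checking a page body against the "Logout" regex, and filtering logout.php out of the spider's URLs. The sample page, URLs and function names are constructed for illustration and are not Nessus settings.

```python
import re
from html.parser import HTMLParser

# Constructed sample login page (not from the original slides).
SAMPLE_LOGIN_HTML = """
<html><body>
<form action="/search.php" method="get"><input name="q"></form>
<form action="/login.php" method="post">
  <input type="text" name="username">
  <input type="password" name="password">
  <input type="hidden" name="token" value="abc123">
  <input type="submit" name="Login" value="Login">
</form>
</body></html>
"""

class LoginFormFinder(HTMLParser):
    """Collects the action, method and input names of every form on a page."""
    def __init__(self):
        super().__init__()
        self.forms = []
        self._open = None  # form currently being parsed, if any

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._open = {"action": a.get("action", ""),
                          "method": (a.get("method") or "get").lower(),
                          "fields": {}, "has_password": False}
            self.forms.append(self._open)
        elif tag == "input" and self._open is not None and a.get("name"):
            self._open["fields"][a["name"]] = a.get("value") or ""
            if (a.get("type") or "").lower() == "password":
                self._open["has_password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._open = None

def find_login_form(html):
    """Return the first form containing a password input, or None."""
    parser = LoginFormFinder()
    parser.feed(html)
    return next((f for f in parser.forms if f["has_password"]), None)

def still_logged_in(body, auth_regex=r"Logout"):
    """An authenticated page shows a logout link; no match means the session ended."""
    return re.search(auth_regex, body) is not None

def spider_allowed(url, exclude_regex=r"logout\.php"):
    """Keep the crawler away from URLs that would end the session."""
    return re.search(exclude_regex, url) is None
```

Hidden fields such as the constructed `token` above show up in the field list too, which is the part that reading only the visible form tends to miss.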
37. Nmap
● Insecure.Org
● free utility which can quickly scan broad ranges of devices and
provide valuable information about the devices on your network
● uses raw IP packets to determine what hosts are available on
the network
● used by attackers to scan a network and perform
reconnaissance about the types and quantities of targets
available and what weaknesses exist
39. Advantages
● smart penetration testing
● nmap is the best scanner ever and nessus is one of our favorite
vulnerability scanners
● effective and less time-consuming
40. Case Study
Steps
● used nmap for a quick scan of all the hosts in the
local subnet
● after the scan, the results show the different hosts and their open
ports