Professional Documents
Culture Documents
Purpose
The purpose of this document is to provide the system owner with a Vulnerability
and Threat Assessment (VTA) of their home network. A VTA will be performed on the
network to identify any and all vulnerabilities and/or threats. It should be noted that this
is just a break down of what would be conducted for a VTA, I did not actually run an
assessment on my home network for fear that I may compromise the network.
For this particular VTA I chose to use my home WiFi Network. My home WiFi
Network usually has two laptops, two iPhones, an Apple TV, and a Smart TV connected
to the router. The table below lists the Network Name, Security, and IP Address.
Preparation
Before I begin the vulnerability scan the first step I would take would be to identify
the vulnerability/vulnerabilities that I am looking for. Seeing as I am scanning my home
WiFi network I would scan for vulnerabilities that could potentially be granting remote
access to my network. For the purposes of this assignment the scope of my scan would
be that of an external scan performed from the perspective of an attacker on the
Internet (Palmaers, 2013). According to Palmaers (2013), An external scan provides
an overview of security vulnerabilities which are visible from outside a network, taking
into account all security layers on the network between the scanner machine and the
target system. This controls can include/includes network firewalls, intrusion detection
systems, (web) application firewalls as well as any host based security controls which
are present on the target system. The results of an external scan give an indication on
the correct configuration of the network security controls between the scanner and the
target system.
Once I have figured out the scope of my scan, external scan, I would plan the
vulnerabilities scans what would be preformed on my network. Using the list of different
vulnerability analysis tools from Kali Tools I have selected OpenVAS-scanner, within
OpenVAS-scanner there are multiple tools that can be run in conjunction with it they
are: Greenbone Security Assistant, GSD, and OpenVAS-Manager. I have also selected
Oscanner as my other vulnerability assessment (VA) tool to be utilized for the purpose
of this VTA.
The following two images are examples for OpenVAS usage. The first image
shows openvas with the command for help being utilized. The second image is
depicting the start of the OpenVAS scanner daemon in the foreground (-f) on the
example IP address and port: 192.168.1.202 (-a 192.168.1.202), port 8888 (-p 8888)
(Offensive Security, 2014).
One of the first programs that can run in conjunction with openVAS-scanner is
the Greenbone Security Assistant Package. Greenbone Security Assistant is described
as a web application that connects to the OpenVAS Manager and OpenVAS
Administrator to provide for a full-featured user interface for vulnerability management. A
tool included in the greenbone-security-assistant package is gsad Greenbone Security
Assistant Daemon (Offensive Security, 2014). The below image depicts the help
options when running the gsad in Kali.
A gsad usage example is to start the daemon in the foreground (-f) on port 8888
(-p 8888) and redirect HTTP to HTTPS (-R) (Offensive Security, 2014).
The second tool to run in conjunction with openVAS is GSD package. GSD is a
desktop client that connects to the OpenVAS Manager using the OMP protocol
(Offensive Security, 2014). The following images depict the GSD desktop client for
openVAS manager and a usage example.
The last tool to run in conjunction with openVAS-scanner would be the openVAS-
manager package. The OpenVAS-Manager is a layer between OpenVAS-Scanner and
various client applications such as OpenVAS-Client or Greenbone Security Assistant.
Among other features, it adds server-side storage of scan results and it makes it
unnecessary for scan clients to keep connection until a scan finishes (Offensive
Security, 2014). The following images depict tools that are utilized within openVAS-
manger:
The last two images depict the usage examples: Start the daemon on localhost (-
a 127.0.0.1), port 9390 (-p 9390) and connect to the scanner daemon on localhost (-l
127.0.0.1), port 9391 (-s 9391) (Offensive Security, 2014).
Oscanner
Oscanner is an Oracle assessment framework developed in Java. It has a plugin-
based architecture and comes with a couple of plugins that currently do: Sid
Enumeration, Passwords tests (common & dictionary), Enumerate Oracle version,
Enumerate account roles, Enumerate account privileges, Enumerate account hashes,
Enumerate audit information, Enumerate password policies, and Enumerate database
links. The results are given in a graphical java tree (Offensive Security, 2014). The
following image depicts the tool utilized within Oscanner and the usage example.
Remediating Actions
Should any vulnerabilities or threats be located on the home WiFi network
remediating actions would be to: elevated the security of the network, strengthen all
passwords utilized for each devices connected to the network, and lastly implement a
plan to scan for vulnerabilities on a semi or yearly basis. Once the remediating actions
have been put in place a rescan of the network would be conducted, if vulnerabilities
still existed the process would be repeated as necessary.
References
Offensive Security. (2014, February 18). Kali Tools. Retrieved June 2016, from
Openvas-scanner: http://tools.kali.org/vulnerability-analysis/openvas-scanner
Offensive Security. (2014, February 18). Kali Tools. Retrieved June 2016, from
Greenbone Security Assistant: http://tools.kali.org/vulnerability-
analysis/greenbone-security-assistant
Offensive Security. (2014, February 18). Kali Tools. Retrieved June 2016, from GSD:
http://tools.kali.org/vulnerability-analysis/gsd
Offensive Security. (2014, February 18). Kali Tools. Retrieved June 2016, from
Oscanner: http://tools.kali.org/vulnerability-analysis/oscanner
Offensive Security. (2014, February 18). Kali Tools. Retrieved June 2016, from
OpenVAS-manager: http://tools.kali.org/vulnerability-analysis/openvas-manager
Palmaers, T. (2013, March 23). SANS Institute. Retrieved June 2016, from
Implementing a Vulnerability Management Process:
https://www.sans.org/reading-room/whitepapers/threats/implementing-
vulnerability-management-process-34180