Vulnerability Assessment Scan Essay


School: Grand Canyon University
Course: 340
Subject: Information Systems
Date: Dec 6, 2023


Uploaded by CorporalHummingbird3807

Brian Centers
ITT – 340
February 4, 2023
Professor Ingrid Gaviria

Vulnerability Assessment Essay

The first critical vulnerability that was discovered during the OpenVAS scan was a buffer overflow attack. This attack occurs when the volume of data is far greater than the storage capacity of the memory buffer within a server. If a hacker were to execute this attack and also knew the memory layout of a program, they could gain access to the network the server is on and could install new programs that could view, change, or delete data. For this particular vulnerability, a software patch must be installed immediately to remedy the vulnerability, but stricter security measures within the code could also help prevent this attack from ever happening.

The next critical vulnerability that was found involved another attack that could allow for remote code execution, in which an attacker creates a Server Message Block (SMB) packet and sends the packet to a vulnerable or affected system. Should this packet make its way onto the system, the attacker could gain full control of the system in the same manner as the buffer overflow attack. Again, the best method of fixing this vulnerability is to install a software patch on the system. Proper firewall configuration of the system is usually the best preventative measure to prevent an SMB packet from manipulating the system and giving an attacker full access to the server and to the network.

Another critical vulnerability that was discovered during the scan was an SMB version 2 Infinite Loop Vulnerability. With this denial of service attack, the bad actor could cause the system to lock up and become completely unusable until the system is physically restarted. This vulnerability is similar to the SMB packet vulnerability; however, since the attack is a denial of service attack, it does not grant the attacker access to the system or the network, as it simply freezes up the system until it can be restarted by a server administrator. Again, a software patch is the best remedy to fix the problem, but proper firewall configurations could have possibly prevented this attack from ever taking place.

Finally, these scans were able to be executed because there were open ports that were accessed within the virtual machines. Had these ports existed on actual servers or systems on a network, a hacker could use any scanning tool to identify these open ports and gain access to the system and eventually to the network. Open port vulnerabilities can usually result in data becoming compromised or even removed completely from the system. The best course of action to prevent unwanted users from accessing these open ports is to properly secure all open ports by making sure that they encrypt all traffic to the port, or to completely shut off access to the port.

Advanced persistent threat (APT) actors love to prey on unprotected systems, and the vulnerabilities discovered within this scan could definitely be exploited by APT actors. Not only do network administrators need to properly configure the systems on the network with the necessary security measures from their initial implementation, but they must also make sure that they apply all available software patches as soon as they become available.

Another security measure that goes a long way in protecting a given network is constant network surveillance. In most cases, constant network surveillance can detect intruders or unusual activity on the network that can identify a pending attack. Constant network surveillance does require finances and resources that many small to medium companies may not have, but this surveillance can go a long way in saving the company from future attacks that could be even more costly.
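The "stricter security measures within the code" mentioned for the buffer overflow finding come down to validating an incoming length before copying into a fixed-size buffer. The following C sketch is an added example, not part of the original essay or of any scanned product; the two-byte length-prefixed packet layout, `BUF_CAP`, and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BUF_CAP 64  /* fixed storage capacity of the destination buffer */

/* Constructed packet layout (an assumption for this example, not a real
 * protocol): bytes 0-1 = big-endian payload length, then the payload. */

/* Unsafe pattern: trusts the length field inside the packet, so a claimed
 * length above BUF_CAP writes past the end of dst. Shown for contrast only. */
void parse_unchecked(const uint8_t *pkt, uint8_t dst[BUF_CAP]) {
    size_t claimed = ((size_t)pkt[0] << 8) | pkt[1];
    memcpy(dst, pkt + 2, claimed);
}

/* Hardened form: checks the claimed length against the bytes actually
 * received and against the destination capacity before copying.
 * Returns the payload length, or -1 if the packet is rejected. */
int parse_checked(const uint8_t *pkt, size_t pkt_len,
                  uint8_t dst[BUF_CAP]) {
    if (pkt == NULL || pkt_len < 2) return -1;   /* header missing */
    size_t claimed = ((size_t)pkt[0] << 8) | pkt[1];
    if (claimed > pkt_len - 2) return -1;        /* length field lies */
    if (claimed > BUF_CAP) return -1;            /* would overflow dst */
    memcpy(dst, pkt + 2, claimed);
    return (int)claimed;
}

/* Builds a constructed packet and runs it through the hardened parser. */
int demo(size_t claimed, size_t actual_payload) {
    uint8_t pkt[2 + 256] = {0};
    uint8_t dst[BUF_CAP];
    if (actual_payload > 256) return -2;
    pkt[0] = (uint8_t)(claimed >> 8);
    pkt[1] = (uint8_t)(claimed & 0xff);
    memset(pkt + 2, 'A', actual_payload);
    return parse_checked(pkt, 2 + actual_payload, dst);
}

int main(void) {
    printf("fits: %d, oversize: %d, lying length: %d\n",
           demo(10, 10), demo(65, 65), demo(200, 10));
    return 0;
}
```

The hardened parser rejects both a payload larger than the buffer and a length field that claims more data than was received, which are the two conditions a patch for this class of flaw typically adds.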