Performing_a_Vulnerability_Assessment_4e_-_Alejandro_Benavides
pdf
keyboard_arrow_up
School
American Military University *
*We aren’t endorsed by this school
Course
422
Subject
Information Systems
Date
Apr 3, 2024
Type
Pages
13
Uploaded by mrvidez
Performing a Vulnerability Assessment (4e)
Fundamentals of Information Systems Security, Fourth Edition - Lab 02
Student:
Email:
Alejandro Benavides
alejandro.benavides@mycampus.apus.edu
Time on Task:
Progress:
9 hours, 24 minutes
100%
Report Generated:
Tuesday, February 13, 2024 at 3:16 PM
Section 1: Hands-On Demonstration
Part 1: Scan the Network with Zenmap
9.
Make a screen capture
showing the contents of the Ports/Hosts tab from the SYN scan for
fileserver01.securelabsondemand.com
.
Page 1 of 13
Performing a Vulnerability Assessment (4e)
Fundamentals of Information Systems Security, Fourth Edition - Lab 02
15.
Make a screen capture showing the contents of the Host Details tab from the OS scan for
fileserver01.securelabsondemand.com
.
19.
Make a screen capture showing the details in the Ports/Hosts tab from the Service scan
for fileserver01.securelabsondemand.com.
Page 2 of 13
Performing a Vulnerability Assessment (4e)
Fundamentals of Information Systems Security, Fourth Edition - Lab 02
Part 2: Conduct a Vulnerability Scan with Nessus
14.
Make a screen capture
showing the Nessus report summary
.
Part 3: Evaluate Your Findings
11.
Summarize
the vulnerability you selected, including the CVSS risk score, and recommend
a
mitigation strategy.
Selected 172.30.0.3 vulnerability. The CVSSv3 score is 6.5 and the recommended mitigation is to
disable the Telnet service and use SSH instead. There is no reference CVE.
Page 3 of 13
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Performing a Vulnerability Assessment (4e)
Fundamentals of Information Systems Security, Fourth Edition - Lab 02
Section 2: Applied Learning
Part 1: Scan the Network with Nmap
6.
Make a screen capture
showing the results of the traceroute command
.
Page 4 of 13
Performing a Vulnerability Assessment (4e)
Fundamentals of Information Systems Security, Fourth Edition - Lab 02
10.
Make a screen capture
showing the results of the Nmap scan with OS detection
activated
.
Part 2: Conduct a Vulnerability Scan with OpenVAS
Page 5 of 13
Performing a Vulnerability Assessment (4e)
Fundamentals of Information Systems Security, Fourth Edition - Lab 02
13.
Make a screen capture
showing the detailed OpenVAS scan results
.
Part 3: Prepare a Penetration Test Report
Target
Insert the target here.
The target of this penetration test is the drisst.com web server,
specifically to conduct a vulnerability scan to identify potential security
weaknesses.
Completed by
Insert your name here.
Alejandro Benavides
Page 6 of 13
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Performing a Vulnerability Assessment (4e)
Fundamentals of Information Systems Security, Fourth Edition - Lab 02
On
Insert current date here.
February 13, 2024
Purpose
Identify the purpose of the penetration test.
The purpose of this penetration test is to identify potential security vulnerabilities in the drisst.com web
server and assess the security posture of the organization. This test will help identify potential security
weaknesses and suggest measures to improve the security posture of the organization.
Scope
Identify the scope of the penetration test.
The scope of this penetration test is limited to a vulnerability scan of
the drisst.com web server. The penetration tester is allowed to scan
the web server for vulnerabilities using Nmap and OpenVAS, but not
authorized to conduct any potentially destructive scans or tests. The
penetration test is limited to the web server and does not include any
other systems or networks within the organization.
Page 7 of 13
Performing a Vulnerability Assessment (4e)
Fundamentals of Information Systems Security, Fourth Edition - Lab 02
Summary of Findings
Identify and summarize each of the three high-severity vulnerabilities identified during your penetration
test. For each vulnerability, identify the severity, describe the issue, and recommend a remediation.
uring the vulnerability scan, three high-severity vulnerabilities were identified in the drisst.com web
server using OpenVAS. The vulnerabilities are as follows:
Vulnerability 1: MvSOL MariaDB Weak Password
Severity: 9.0 (High)
Description:
The MariaDB service is using a weak password, which can be easily guessed or brute-
forced by an attacker. This could lead to unauthorized access to the database and sensitive
information being stolen.
Recommendation:
Change the MariaDB password to a stronger and more complex one, preferably
using a combination of upper and lowercase letters, numbers, and special characters.
Vulnerability 2: vsftpd Compromised Source Packages Backdoor Vulnerability
Severity:
7.5 (High)
Description: The vsftpd service is using compromised source packages, which contain a backdoor
vulnerability that can be exploited by an attacker to gain unauthorized access to the server.
Recommendation: Update the vsftpd service to the latest version, which does not contain the
backdoor vulnerability, and remove any compromised source packages from the system.
Vulnerability 3: vsftpd Compromised Source Packages Backdoor Vulnerability
Severity
: 7.5 (High)
Description
: The vsftpd service is using compromised source packages, which contain a backdoor
vulnerability that can be exploited by an attacker to gain unauthorized access to the server.
Recommendation: Update the vsftpd service to the latest version, which does not contain the
backdoor vulnerability, and remove any compromised source packages from the system.
Page 8 of 13
Performing a Vulnerability Assessment (4e)
Fundamentals of Information Systems Security, Fourth Edition - Lab 02
Conclusion
Identify your key findings.
The penetration test has identified several vulnerabilities in the
drisst.com web server, including three high-severity vulnerabilities that
pose a significant security risk to the organization. The vulnerabilities
need to be addressed immediately to prevent unauthorized access to
the system and sensitive information being compromised. The
organization should implement the recommended remediation
measures to improve the security posture of the drisst.com web server
and mitigate the identified security vulnerabilities. It is recommended
that regular vulnerability assessments and penetration tests are
conducted to identify and address potential security weaknesses in
the organization's IT infrastructure.
Page 9 of 13
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Performing a Vulnerability Assessment (4e)
Fundamentals of Information Systems Security, Fourth Edition - Lab 02
Section 3: Challenge and Analysis
Part 1: Scan the Domain Controller with Nmap
Make screen capture showing the results of your targeted port scan on the domain controller
.
Part 2: Scan the Domain Controller with Nessus
Page 10 of 13
Performing a Vulnerability Assessment (4e)
Fundamentals of Information Systems Security, Fourth Edition - Lab 02
Make a screen capture
showing the Nessus report summary for the domain controller
.
Part 3: Prepare a Penetration Test Report
Target
Insert the target here.
The target system is the domain controller for Secure Labs on
Demand. Completed by
Insert your name here.
Alejandro Benavides
Page 11 of 13
Performing a Vulnerability Assessment (4e)
Fundamentals of Information Systems Security, Fourth Edition - Lab 02
On
Insert current date here.
February 13, 2024
Purpose
Identify the purpose of the penetration test.
The purpose of the test is to evaluate the security posture of the
domain controller and identify any vulnerabilities that may be exploited
by an attacker.
Scope
Identify the scope of the penetration test.
The scope of the test includes conducting Nmap scans to identify
open ports and services on the domain controller, and a Nessus
vulnerability scan to identify any known vulnerabilities. The Nmap
scans were used to identify the open ports and services on the target
system, specifically the LDAP service that was found to be running on
the domain controller.
Page 12 of 13
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Performing a Vulnerability Assessment (4e)
Fundamentals of Information Systems Security, Fourth Edition - Lab 02
Summary of Findings
Identify and summarize each vulnerability identified during your penetration test. For each
vulnerability, identify the severity, describe the issue, and recommend a remediation.
The Nessus scan was used to identify any known vulnerabilities on
the target system, and the scan identified a high severity vulnerability
associated with the SSL Medium Strength Cipher Suites Supported
(SWEET32). The vulnerability has the CVE-2016-2183 reference
which the description states "
The DES and Triple DES ciphers, as
used in the TLS, SSH, and IPSec protocols and other protocols and
products, have a birthday bound of approximately four billion blocks,
which makes it easier for remote attackers to obtain cleartext data via
a birthday attack against a long-duration encrypted session, as
demonstrated by an HTTPS session using Triple DES in CBC mode,
aka a "Sweet32" attack." Recommended solution is to Reconfigure the
affected application if possible to avoid use of medium strength
ciphers.
Conclusion
Identify your key findings.
The conclusion is that the domain controller is vulnerable to cracking
encryption by using a birthday attack during a long session which will
make it easier for hackers.
Powered by TCPDF (www.tcpdf.org)
Page 13 of 13