Vulnerability Scanners

  

October 2004

  
 

Conclusion

Weekly scans of all external and internal servers should be performed to ensure the latest security updates are installed and functional. Web vulnerability scanners should be employed to ensure all web applications are secure from invalid input attacks. Server Vulnerability scanners should be used to verify the server does not have any security holes that a hacker could exploit to gain access to the server. Finally all server assets should be protected by a strong firewall that not only closes but stealths all unused ports.

Securing a Server Checklist:

Since hackers are constantly scanning for new servers the following tasks should be accomplished behind a secure firewall before any server goes live.

  1. Download and install all Operating System updates and patches.
  2. Install and update Anti-Virus Software
  3. Install each service individually - Adding services in this order will help ensure no unused services or ports are left open and vulnerable.
    1. Install service.
    2. Update/Patch service with all known security patches
    3. Search for known vulnerabilities for each service on popular hacker websites such as www.packetstormsecurity.org , www.hackwire.com , www.securitytracker.com , and others.
      1. If a vulnerability is found that has not been patched by the updates from the company take the necessary precautions based on the recommendations in the vulnerability report to secure the service -- or find another, more secure service.
    4. Open port on the firewall
  4. Scan the server internally given as many permissions as possible. Since you are scanning the server you want to find all the vulnerabilities possible and decide what to do based on the severity of each vulnerability found.
  5. For each vulnerability found using the scanner follow the steps given by the scanner to secure the server. If no steps to secure the server are given research the vulnerability on the above hacker sites and the vendors site. If still no solution can be found contact the vendor for a workaround or consider another solution for that service.
  6. Continue to research vulnerabilities on the hacker sites daily. Many times hackers will exploit a vulnerability the same day it is discovered, before System Administrators have a chance to secure their servers.

Bibliography

<<Previous 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Next>>

Provided by: Security Innovation, The Application Security Company