Establishing A Methodology; Evaluating The Tools; Scanning Hosts With Nmap - Red Hat ENTERPRISE LINUX 4 - SECURITY GUIDE Manual


• Creates proactive focus on information security
• Finds potential exploits before crackers find them
• Results in systems being kept up to date and patched
• Promotes growth and aids in developing staff expertise
• Abates financial loss and negative publicity

8.2.1. Establishing a Methodology

To aid in the selection of tools for a vulnerability assessment, it is helpful to establish a vulnerability
assessment methodology. Unfortunately, there is no predefined or industry-approved methodology at
this time; however, common sense and best practices can act as a sufficient guide.

What is the target? Are we looking at one server, or are we looking at our entire network and
everything within the network? Are we external or internal to the company? The answers to these
questions are important as they help determine not only which tools to select but also the manner in
which they are used.

To learn more about establishing methodologies, refer to the following websites:

• The Open Source Security Testing Methodology Manual (OSSTMM): http://www.isecom.org/projects/osstmm.htm
• The Open Web Application Security Project: http://www.owasp.org/

8.3. Evaluating the Tools

An assessment can start by using some form of an information gathering tool. When assessing the
entire network, map the layout first to find the hosts that are running. Once located, examine each host
individually. Focusing on these hosts requires another set of tools. Knowing which tools to use may be
the most crucial step in finding vulnerabilities.

Just as in any aspect of everyday life, there are many different tools that perform the same job. This
concept applies to performing vulnerability assessments as well. There are tools specific to operating
systems, applications, and even networks (based on the protocols used). Some tools are free; others
are not. Some tools are intuitive and easy to use, while others are cryptic and poorly documented but
have features that other tools do not.

Finding the right tools may be a daunting task and in the end, experience counts. If possible, set up a
test lab and try out as many tools as you can, noting the strengths and weaknesses of each. Review
the README file or man page for the tool. Additionally, look to the Internet for more information, such
as articles, step-by-step guides, or even mailing lists specific to a tool.

The tools discussed below are just a small sampling of the available tools.
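
The workflow described above (map the network, find the running hosts, then examine each one individually) is shown here as an added example that is not part of the Red Hat guide. It parses Nmap grepable output (the `-oG` format) and queues for individual examination every live host that is missing from an approved inventory or exposes unexpected open ports; the scan text, the addresses and the `BASELINE` inventory are constructed for illustration.

```python
import re

# Constructed sample of Nmap grepable (-oG) output, not real scan data.
# Addresses come from the RFC 5737 documentation range.
SAMPLE_SCAN = (
    "# constructed sample scan\n"
    "Host: 192.0.2.10 (web.example.com)\tStatus: Up\n"
    "Host: 192.0.2.10 (web.example.com)\tPorts: 22/open/tcp//ssh///, "
    "80/open/tcp//http///, 111/closed/tcp//rpcbind///\n"
    "Host: 192.0.2.20 ()\tStatus: Up\n"
    "Host: 192.0.2.20 ()\tPorts: 22/open/tcp//ssh///, 23/open/tcp//telnet///\n"
    "Host: 192.0.2.30 ()\tStatus: Down\n"
)

# Hypothetical approved inventory: host -> services expected to be listening.
BASELINE = {"192.0.2.10": {"22/tcp", "80/tcp"}}

def parse_grepable(text):
    """Return {ip: set of 'port/proto'} for every host reported as up."""
    hosts = {}
    for line in text.splitlines():
        m = re.match(r"Host: (\S+)", line)
        if not m:
            continue  # comment or blank line
        ip = m.group(1)
        for field in line.split("\t")[1:]:
            key, _, value = field.partition(": ")
            if key == "Status" and value.strip() == "Up":
                hosts.setdefault(ip, set())
            elif key == "Ports":
                for entry in value.split(","):
                    port, state, proto = entry.strip().split("/")[:3]
                    if state == "open":
                        hosts.setdefault(ip, set()).add(f"{port}/{proto}")
    return hosts

def review_queue(found, baseline):
    """List (ip, reason, ports) for hosts that need individual examination."""
    queue = []
    for ip in sorted(found):
        if ip not in baseline:
            queue.append((ip, "host not in inventory", sorted(found[ip])))
        elif found[ip] - baseline[ip]:
            extra = sorted(found[ip] - baseline[ip])
            queue.append((ip, "unexpected open ports", extra))
    return queue

if __name__ == "__main__":
    for ip, reason, ports in review_queue(parse_grepable(SAMPLE_SCAN), BASELINE):
        print(f"{ip}: {reason}: {', '.join(ports) or 'none'}")
```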

8.3.1. Scanning Hosts with Nmap

Nmap is a popular tool included in Red Hat Enterprise Linux that can be used to determine the layout
of a network. Nmap has been available for many years and is probably the most often used tool when
gathering information. An excellent man page is included that provides a detailed description of its