Vulnerability Analysis
Host analysis

The hosts that are on the network need to be taken into consideration when designing a network security solution. Determining the role in the network of each host will help to decide the steps that will be taken to secure it. The network could have many user workstations, as well as multiple servers that need to be accessed from both inside and outside of the network.

The types of applications and services that are running on the hosts need to be identified, and any network services and ports that are not necessary should be disabled or blocked. All operating systems should be patched as needed. Antivirus software should be installed and kept up to date. Some servers may be assigned static routable IP addresses to be accessible from the internet. These hosts in particular should be monitored for signs of malicious activity.

There are many tools that are available to test host security. Most tools have been developed on a UNIX or Linux platform, and some of them have now been ported to other operating systems. Two of the most common tools are described below:

  • Network Mapper (Nmap) – Nmap is a very popular free tool used for security scanning and auditing. It can rapidly perform a port scan of a single host or a range of hosts. Nmap was originally written to be run on UNIX systems, and it is now available for use on Microsoft Windows platforms .
  • Nessus – Nessus is a vulnerability scanner that is available for UNIX and Microsoft Windows platforms. New vulnerability testing capabilities can be added to Nessus through the installation of modular plugins. Nessus includes a built in port scanner, or it can be used along with Nmap. Once the Nessus scan is finished, a report is created. This report displays the results of the scan and provides steps that can be taken to mitigate vulnerabilities.

Web Links