The hosts that are on the network need to be taken into consideration when
designing a network security solution. Determining the role in the network of
each host will help to decide the steps that will be taken to secure it. The
network could have many user workstations, as well as multiple servers that
need to be accessed from both inside and outside of the network.
The types of applications and services that are running on the hosts need to be
identified, and any network services and ports that are not necessary should be
disabled or blocked. All operating systems should be patched as needed.
Antivirus software should be installed and kept up to date. Some servers may be
assigned static routable IP addresses to be accessible from the internet. These
hosts in particular should be monitored for signs of malicious activity.
There are many tools that are available to test host security. Most tools
have been developed on a UNIX or Linux platform, and some of them have now been
ported to other operating systems. Two of the most common tools are described
below:
- Network Mapper (Nmap) – Nmap is a very popular free tool used for
security scanning and auditing. It can rapidly perform a port scan of a single
host or a range of hosts. Nmap was originally written to be run on UNIX
systems, and it is now available for use on Microsoft Windows platforms.
- Nessus – Nessus is a vulnerability scanner that is available for
UNIX and Microsoft Windows platforms. New vulnerability testing capabilities
can be added to Nessus through the installation of modular plugins. Nessus
includes a built-in port scanner, or it can be used along with Nmap. Once the
Nessus scan is finished, a report is created. This report displays the results
of the scan and provides steps that can be taken to mitigate
vulnerabilities.