Network Security Monitoring
Home > Ask the Networking Experts > Enterprise security with Michael Gregg Questions & Answers > How to interpret test scan results to assess network vulnerability
Ask The Networking Expert: Questions & Answers
EMAIL THIS

How to interpret test scan results to assess network vulnerability

Michael Gregg EXPERT RESPONSE FROM: Michael Gregg

Pose a Question
Other Networking Categories
Meet all Networking Experts
Become an Expert for this site


Network security news, advice and technical information
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


>
QUESTION POSED ON: 08 April 2008
I am just stepping into the security domain. I have been asked to work with the Nessus tool to begin with. I just have one basic query of how to utilize Nessus' full capabilities: I installed the Nessus in an XP system and ran some test scans. What is the best means of deriving or interpreting the results so as to assess the network vulnerability? Please tell me if I am headed in the right direction.

>
EXPERT RESPONSE

Nessus is an open source, comprehensive cross-platform vulnerability scanner with CLI and GUI interfaces. The basic components of Nessus include:

  • The Nessus Client and Server Model
  • The Nessus Plugins
  • The Nessus Knowledge Base

Nessus works by performing a step-by-step review. Here are the basic steps:

  1. Inventory network devices
  2. Identify targets
  3. Create a plugin policy
  4. Launch a scan
  5. Analyze the reports
  6. Remediate and repair

Most networks are rather large so instead of trying to scan an entire network, classify the hosts into groups and then scan each group. Just from the data standpoint this will make the job easier as you will have such a massive amount of data to review.

Now comes the last and what some may feel is the hardest step: remediate and repair. Most vulnerability assessment tools like Nessus offer remediation advice, and although the tools have proven to be accurate, your mileage may vary. Therefore, I recommend that you carefully research all remediation plans before taking any action.

Sound Off! -   


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


RELATED CONTENT
Enterprise security with Michael Gregg
What are the best methods for handling rogue access points?
What should I know before implementing a packet sniffer?
Will WPA2-PSK keep wireless networks safe from war drivers?
How to train intrusion detection systems (IDS)
Can a broadband network installer compromise your network security?
Do social networking products (blogs) pose network security threats?
What types of network firewalls are there?
After a server outage what emergency steps secure your network?
What protocol works on all layers of OSI?
How to block some users from the Internet while allowing others

Network Security Monitoring
Network forensics appliance gets storage boost and 10 GbE support
Tracking NetFlow over MPLS helps airline with compliance
Securing the new network architecture: Security for distributed, dynamic networks
When it comes to data loss prevention, networking should be part of the conversation
What is data loss prevention? -- An introduction to DLP
What are the best methods for handling rogue access points?
Internet monitoring vendor adds throttling, filtering, to its appliance
Endpoint security locks down law firm's network
Can a broadband network installer compromise your network security?
Network security: Using unified threat management (UTM)

Network Security Products
Securing the new network architecture: Security for distributed, dynamic networks
What is data loss prevention? -- An introduction to DLP
To simulate voice over IPSec VPNs which simulators work?
Is my firewall setting preventing wireless network guest access?
How to configure Windows Server 2008 advanced firewall MMC snap-in
How to retrieve passwords from locked laptops
What commands allow network traffic to pass through PIX firewalls?
For an SMB firewall, what features should I look at?
Creating Remote Access and Site-to-Site VPNs with ISA Firewalls: from 'The Best Damn Firewall Book Period, Second Edition'
What should I know before implementing a packet sniffer?

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
deep packet inspection (DPI)  (SearchNetworking.com)
FCAPS  (SearchNetworking.com)
Nessus  (SearchNetworking.com)
netstat  (SearchNetworking.com)
port mirroring  (SearchNetworking.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice

HomeNewsTopicsITKnowledge ExchangeTipsAsk the ExpertsMultimediaWhite PapersNetworking Product Trials
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2000 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts