Imagine a system administrator learns of a server's vulnerability, and a service patch is available to solve it. Unfortunately, simply applying a patch to a server is not assurance enough that a risk has been mitigated. The system admin has the option of opening the application and verifying that the patch has raised the version number as expected. Still, the admin has no guarantee the vulnerability is closed, at least not until the vulnerability is directly tested. That's what vulnerability scanners are for.
Two vulnerability scanners available to the system administrator are Nmap® and Nessus®, which produce scan reports. The purpose of using Zenmap® GUI (Nmap) and Nessus® reports is to enable you to create network discovery port scanning reports and vulnerability reports. These reports can identify the hosts, operating systems, services, applications, and open ports that are at risk in an organization.
In this lab, you will look at an Nmap® report and a Nessus® report. You will visit the http://cve.mitre.org Web site, define vulnerability and exposure according to the site, and learn how to conduct searches of the Common Vulnerabilities and Exposures (CVE) listing.
Upon completing this lab, you will be able to:
Review a Zenmap® GUI (Nmap) network discovery and port scanning report and a Nessus® software vulnerability report.
Identify hosts, operating systems, services, applications, and open ports on devices from the Zenmap® GUI (Nmap) scan report.
Identify critical, major, and minor software vulnerabilities from the Nessus® vulnerability assessment scan report.
Visit the Common Vulnerabilities and Exposures (CVE) online listing of software vulnerabilities at http://cve.mitre.org and learn how to conduct searches on the site.
Complete Lab #5, found on pages 38-43 of your Lab Manual.
Upon completion of this lab, you are required to provide the following deliverables to your instructor:
1. Lab Report file;
2. Lab Assessments file.