Security in Today's World
Written by Paul Bliss
Continued from page 1
With advances in technology, the monthly fees for home security monitoring are reasonable for the service they provide. Be warned: not all monitoring companies have the same capabilities when it comes to quick response. That's one reason why it's a good idea to make sure that any security company you choose has a UL certification. This can be critical, as it indicates that the security company has met stringent standards for management system compliance (such as a backup source of power).

The same methodology should apply to a security software provider. Just because they say they're the best doesn't mean that they are. Due diligence is the user's responsibility. Your information is too valuable to be taken lightly. Both home security and cyber security are similar to having insurance: you have it, but you hope you never need it. And if you do need it, you want a company or vendor that has a history of excellent customer service.

There are those people who think that having a firearm is all they need for protection. While that may hold true in some form, a firearm won't let you know if someone is trying to enter your home through the back door while you are sleeping, nor notify you or the authorities. Another common perception is that a watchdog will alert a homeowner to an intrusion, but again, man's best friend sleeps 10 to 12 hours a day and can't notify the police.

There are some computer users who claim that they can detect a virus by an email sent with some obvious tagline meant to get the user to open it and infect the machine. Not all viruses are in emails, although that is the most common form. They can also be uploaded to a website, or embedded in Java applets or ActiveX controls. Trojans, which can log all of a user's keystrokes and sites visited, are secretly downloaded in the form of free games or free software, and are undetectable by anti-virus software. This is the preferred method of attack by a hacker on a machine.

By not altering the performance of a machine (as a virus or worm does), the Trojan lets the user blissfully continue to use their machine to make online purchases and enter sensitive information, thinking they are secure, while it secretly records all of that information and simply sends the user's information to the hacker at designated intervals. Many times a decision about security measures for your home or computer is based on budgetary constraints. But always consider what it is that you are protecting, and how much you would pay to get back whatever was stolen, lost or destroyed if an unfortunate event occurred in your life.

Paul has been involved in network security for over 4 years and is still looking for answers!
Running your first scan using NessusWX
Written by Lew Newlin
Continued from page 1
Performing Your First Scan

To perform your first vulnerability scan, you must create a Session (job) outlining the targets and scanning options desired.

- Click menu selection Session/New;
- You will be prompted to enter a session name or accept the default of "Session1". Enter "First Scan", leave "Define additional properties" checked, click <Create>;
- At "Session Properties - Test Scan", click the "Targets" tab, then click <Add>;
- At the "Add Target" screen you have the option of entering a single host, a subnet, or an IP range depending on your scanning needs. For our test session, select a single IP address and enter the IP or host name of your workstation, click <Ok>;
- Click <Apply>.
- Click the "Options" tab:
  - Change the "Maximum simultaneous" default value if needed;
  - Change the "Security checks per host" default value if needed;
  - "General scan options/Enable plugin dependencies". Nessus uses many plugins (tests) that require the use of other plugins to operate correctly. Checking this box permits Nessus to automatically enable dependencies as needed. For our test scan, "Enable plugin dependencies" should be checked;
  - "General scan options/Do reverse DNS lookups" simply performs a DNS lookup on the target to determine its host name. For our test scan, check "Do reverse DNS lookups";
  - "General scan options/Safe checks". As stated previously, Safe Checks stops the most dangerous scripts from executing and instead relies on banner information to determine vulnerability rather than exploiting the real flaw. For our test scan, leave "Safe checks" checked;
  - "General scan options/Optimize test" lets Nessus avoid all apparently irrelevant tests. For example, tests will not be conducted for a web site unless a web site is detected. For our test scan, leave "Optimize test" checked;
  - "General scan options/Resolve unknown services" will permit Nessus to resolve any unknown services that may be operating on the system. For our test scan, leave "Resolve unknown services" checked;
  - "Path to CGI's". Nessus has the ability to check for generic CGI vulnerabilities that may be present. For our test scan, leave "Path to CGI's" at the default of "/cgi-bin";
  - "Interface options" permits you to limit the results that are displayed on screen while scanning is occurring. For our test scan, leave both items unchecked to display the maximum amount of information;
  - Click <Apply>.
- Click the "Port scan" tab:
  - "Port range to scan" permits you to enter the ports Nessus will scan. For our test scan, we will use the default of "Privileged ports (1-1024)";
  - "Port scanners" permits the use of a wide range of port scanners depending on your needs. For our test scan, leave the default of "Ping report host" and "tcp connect scan" checked.
  - Click <Apply>.
- The "Connection" tab will permit you to enter and store specifics about the Nessus server to be used for the session. Since we are currently connected to a specific Nessus server, no need exists to enter this information for our test scan;
- Click the "Plugins" tab:
  - To test for system vulnerabilities we must enable plugins. Check the "Use session-specific plugin" checkbox. You will notice that currently "0 plugins currently are selected for execution";
  - Click the "Select plugins" button to display the "Plugin List" screen. For our test scan, click the "Enable All" button, click <Yes> when prompted with "Do you wish to enable all port scanners as well", then click <Close>. You will notice that 2400 or so plugins are now selected for execution;
  - Click <Apply>.
- Click the "Comments" tab and input any remarks you have concerning this session or its settings, then click <Ok> to save your Session.

To execute the Session, right-click on its icon and then select <Execute>. When prompted at the "Execute Session" screen, simply click Execute and vulnerability scanning will commence.

Closing

Take some time, experiment, and learn what NessusWX and Nessus have to offer. Patch systems and rescan to verify that the vulnerabilities have been closed. Using NessusWX and Nessus will permit you to find system vulnerabilities before hackers and virus/worm writers have the opportunity to do it for you.
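The session the walkthrough builds by hand (a target given as a single host, a subnet or an IP range; the "Privileged ports (1-1024)" port range; the Safe checks, reverse DNS and plugin dependency options) expressed as a small Python model, added here as an example and not code from the article or from NessusWX. The allowed_scope guard is an assumption of this example rather than a NessusWX option: it rejects any expanded address that is not inside the network you are authorised to scan, which is the check most worth making before pressing Execute.

```python
import ipaddress

def parse_targets(spec):
    """Expand one NessusWX "Add Target" entry (single host, subnet, or IP range)
    into a list of addresses. Host names are returned unchanged."""
    spec = spec.strip()
    if "/" in spec:                          # subnet, e.g. 192.0.2.0/29
        return [str(h) for h in ipaddress.ip_network(spec, strict=False).hosts()]
    if "-" in spec:                          # range, e.g. 192.0.2.10-192.0.2.12
        try:
            lo, hi = (ipaddress.ip_address(p.strip()) for p in spec.split("-", 1))
        except ValueError:
            return [spec]                    # hyphenated host name, not a range
        if hi < lo:
            raise ValueError(f"range end precedes start: {spec}")
        return [str(ipaddress.ip_address(i)) for i in range(int(lo), int(hi) + 1)]
    try:
        return [str(ipaddress.ip_address(spec))]
    except ValueError:
        return [spec]                        # not an address: treat as host name

def parse_ports(spec="1-1024"):
    """Turn a "Port range to scan" string ("1-1024", "22,80,443-445") into
    sorted (first, last) tuples; the default is "Privileged ports (1-1024)"."""
    ranges = []
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not 1 <= lo <= hi <= 65535:
            raise ValueError(f"bad port range: {part}")
        ranges.append((lo, hi))
    return sorted(ranges)

def build_session(name, target_specs, allowed_scope, ports="1-1024",
                  safe_checks=True, reverse_dns=True, plugin_deps=True):
    """Assemble the session the article configures by hand. allowed_scope is
    this example's own guard (a CIDR string), not a NessusWX option: any
    expanded address outside the authorised network is rejected up front."""
    scope = ipaddress.ip_network(allowed_scope, strict=False)
    targets = [t for s in target_specs for t in parse_targets(s)]
    for t in targets:
        try:
            addr = ipaddress.ip_address(t)
        except ValueError:
            continue                         # host name: check after DNS resolution
        if addr not in scope:
            raise ValueError(f"target {t} is outside authorised scope {scope}")
    return {"name": name, "targets": targets, "ports": parse_ports(ports),
            "safe_checks": safe_checks, "reverse_dns": reverse_dns,
            "plugin_dependencies": plugin_deps}
```

Calling build_session("First Scan", ["192.0.2.5"], "192.0.2.0/24") reproduces the article's single-workstation session with its default options; a target outside the scope raises before anything is scanned.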

Lew Newlin is CTO of Information Solutions, Inc. that operates SiteRecon.com. SiteRecon specializes in security, email monitoring, and web site monitoring for Internet service providers and businesses.