DFN5033 NETWORK

SECURITY
Sesi Jun 2018
Page 1
 DFN5033 PRACTICAL TASK
AST – PRACTICAL TASK 4 (20%)

CHAPTER 2 - VULNERABILITIES, THREATS AND ATTACKS

CHAPTER 3 - SECURITY DEVICES AND TECHNOLOGIES
CHAPTER 4 - HARDENING OPERATING SYSTEMS
CHAPTER 5 – PHYSICAL SECURITY

Page 2
 DFN5033 PRACTICAL TASK
CHAPTER 2 - VULNERABILITIES, THREATS AND ATTACKS
Vulnerabilities Assessment Tools
1. SAINT - SAINT is a commercial vulnerability assessment
tool. It used to be free and open source but is now a
commercial product. SAINT runs on Linux and Mac OS
X. In fact, SAINT is one of the few scanner vendors that
don't support (run on) Windows at all.
http://www.saintcorporation.com
2. Nessus
3. Nmap
4. Ethereal
5. Sandcat Scanner
Page 3
 DFN5033 PRACTICAL TASK
CHAPTER 2 - VULNERABILITIES, THREATS AND ATTACKS
Vulnerabilities Assessment Tools
1. SAINT
2. Nessus - Nessus is one of the most popular and capable
vulnerability scanners, particularly for UNIX systems. It was
initially free and open source, but they closed the source
code in 2005 and removed the free "Registered Feed"
version in 2008. A free “Nessus Home” version is also
available, though it is limited and only licensed for home
network use. Key features include remote and local
(authenticated) security checks, a client/server architecture
with a web-based interface, and an embedded scripting
language for writing your own plugins or understanding the
existing ones. Page 4
 DFN5033 PRACTICAL TASK
CHAPTER 2 - VULNERABILITIES, THREATS AND ATTACKS
Vulnerabilities Assessment Tools
3. Nmap - Network Mapper is a free and open source utility for
network discovery and security auditing. Many systems and
network administrators also find it useful for tasks such as
network inventory, managing service upgrade schedules, and
monitoring host or service uptime.
- Nmap uses raw IP packets in novel ways to determine what
hosts are available on the network, what services (application name
and version) those hosts are offering, what operating systems (and
OS versions) they are running, what type of packet filters/firewalls
are in use, and dozens of other characteristics.
- Nmap runs on all major computer operating systems, and
official binary packages are available for Linux, Windows, and Mac
OS X Page 5
 DFN5033 PRACTICAL TASK
CHAPTER 2 - VULNERABILITIES, THREATS AND ATTACKS
Vulnerabilities Assessment Tools
4. Ethereal - Ethereal is a freely available open source program
that runs on almost any operating system. Data from a
network scan can be scanned in real time or scanned and
saved for analyzing later. Ethereal is a powerful and useful
tool for monitoring network traffic. You can use it as an aid
to determine what kind of traffic is running on your
network as well as exactly what is inside each packet going
across your network.
5. Sandcat Scanner

Page 6
 DFN5033 PRACTICAL TASK
CHAPTER 2 - VULNERABILITIES, THREATS AND ATTACKS
Vulnerabilities Assessment Tools
5. Sandcat Scanner - Web Application Security Scanner, it is a
great tool to scan a web application for different
vulnerabilities. Sandcat is available on windows based
operating system.

Page 7
 DFN5033 PRACTICAL TASK
CHAPTER 2 - VULNERABILITIES, THREATS AND ATTACKS
CHAPTER 3 - SECURITY DEVICES AND TECHNOLOGIES
CHAPTER 4 - HARDENING OPERATING SYSTEMS
CHAPTER 5 – PHYSICAL SECURITY

Page 8
 DFN5033 PRACTICAL TASK
CHAPTER 3 - SECURITY DEVICES AND TECHNOLOGIES
IDS Tools To Monitor System Activities
1. Snort
2. BlackICE
3. M-ICE
4. Secure4Audit
5. EMERALD
6. IDES
7. SecureHost

Page 9
 DFN5033 PRACTICAL TASK
CHAPTER 2 - VULNERABILITIES, THREATS AND ATTACKS
CHAPTER 3 - SECURITY DEVICES AND TECHNOLOGIES
CHAPTER 4 - HARDENING OPERATING SYSTEMS
CHAPTER 5 – PHYSICAL SECURITY

Page 10
 DFN5033 PRACTICAL TASK
CHAPTER 2 - VULNERABILITIES, THREATS AND ATTACKS
CHAPTER 3 - SECURITY DEVICES AND TECHNOLOGIES
CHAPTER 4 - HARDENING OPERATING SYSTEMS
CHAPTER 5 – PHYSICAL SECURITY

Page 11