This chapter speaks to Vulnerabilities in Windows and Linux operating systems. As a security tester it is vital to be able to identify potential security problems and correct such weaknesses. A good website for determining vulnerabilities for any operating system is www.cve.mitre.org. This site can also be used to test a Windows computer and make sure it has current updates as well as patches. The following areas are potential locations for a security breach:
• Windows file Systems
• File Allocation Table
• NTFS (New Technology File Systems)
• Remote Procedure Call
• NetBios
• Server Message Block
• Common Internet File System
• Null Sessions
• Web Services
• SQL Server
• Buffer Overflows
• Passwords and Authentication
Some tools to help find vulnerabilities are eEye Retina, Tenable Nessus, QualysGuard, GFI Languard, and IBM Internet Scanner and OpenVas. All these scanners can be used on both Linux and Windows operating systems.
However built into Windows is MBSA (Microsoft Baseline Security Analyzer) which has the capabilities of checking for patches, security updates, service packs, and hotfixs. It can also address the concern right away.
The following list is ways to help make your computer more secure:
• Patching Systems
• Antivirus Solutions
• Enable Logging and Review Logs Regularly
• Disable Unused and Filtering Ports
The chapter continues with Linux operating system vulnerabilities and tools to identify these issues. There are several Lab activities throughout the chapter which give you some hands on experience.
No comments:
Post a Comment