Vulnerability Management | Rapid7

Network & Operating System Vulnerability Assessment

Vulnerabilities exist at many layers in the computing world. NeXpose tests multiple layers because failing to do so can result in your secure web server being lifted in its entirety through your database access mechanism! There are any number of additional scenarios in which access to one system can grant access to another.

Network and OS Layer

The first step in securing your IT environment is to ensure that all systems and network devices have been properly audited and exposures eliminated. Starting with firewalls, there are two classes of vulnerability, misconfiguration and firmware bugs, that can allow entry to unauthorized users. Most firewall vendors have a list of patches that should be used to bring a firewall up to date. NeXpose examines the firewall and determines whether the firmware revisions are current. If the current code is not running, NeXpose looks up the vulnerabilities known to be available within the running operating environment and exercises those to access systems behind the firewall.

Misconfiguration can allow access to systems that are not authorized to be accessed: TCP port pings using port 80 are an example of this. If the firewall doesn't drop all packets on port 80 except those to the web server, then the existence of a system, and quite likely what operating system it is running, will be exposed.

The expert system in NeXpose can use the information discovered by this scan mechanism to drive vulnerability testing of the discovered device. There are over 70 vulnerability tests against Cisco firewalls alone. NeXpose users can use the external scanning engine to schedule penetration tests of their external environment to understand the access granted to anonymous users.

Operating System Layer

The operating system is the most critical component that needs to be protected from attack. Access to an OS allows for the removal of anything on the device. Even if data is encrypted, its removal and the potential for offsite analysis require appropriate OS controls.

Unfortunately, there are countless ways of accessing the operating system. Not only does the operating system provide its own access mechanisms, such as remote access, RPC, CIFS and Samba, but higher-level applications may have vulnerabilities that allow access to the operating system as well. For example, the undocumented Extended Stored Procedure named “xp_regread”, which comes with Microsoft SQL Server, can be used to read any registry entry. Anything that opens a port has the potential to provide access.

NeXpose scans Windows, Linux, Sun and Mac operating systems for over 6,000 vulnerabilities, as well as thousands more at the application layer, and reports what it finds. The risk scores associated with an operating system are ranked according to the likelihood that a system compromise will occur.

In most cases, access to a system is an ordered and normal state of affairs. To provide auditing capabilities as to what is accessible by whom, NeXpose also tests security policies. For Windows systems, NeXpose uses the Windows Group Policy Object files created by the security policy editor. NeXpose also tests Unix and Linux systems for policy violations such as guessable passwords, file permissions and system account access.

Most vulnerability assessment scanners take a singular approach to scans, looking at only one aspect of your overall IT infrastructure. NeXpose enables organizations to audit their networks, track open vulnerabilities through resolution, and ensure policy compliance. To find out how NeXpose can help you eliminate vulnerabilities at all levels, request your 20-day evaluation today.