Project

Vulnerability Management

Overview

Vulnerability Management means continually assessing your assets, discovering vulnerabilities, remediating them to an acceptable risk and then repeating the process again.


Download and install Nessus on your computer. I would recommend saving the localhost link in a notepad, or somewhere easily accessible.

Click Advanced, proceed, and start a trial of Nessus Essentials. Skip the form and use the activation code that was sent to your email. Once everything finishes downloading, go through the VMware prompt and restart your computer. Next, make sure a copy of your Windows ISO is ready to be used.


Go to VMware > New Machine, point it at the ISO and choose where to store the VM. Then change the Network Adapter from NAT to Bridged. Essentially this puts the virtual machine on the same network as the physical computer, so that the Nessus machine can talk to it.

Install Windows 10 Pro without a license key, accept the terms, do a custom install and choose Drive 0. Go through the language prompts (Next, Next), skip the keyboard layout, set up for personal use, choose an offline account with the limited experience, and name this account admin. Make a simple password. Install VMware Tools as well.

If your bridged connection is having trouble connecting to the internet, there is a solution for that. Go to your folder within your VM, This PC, and go to your C drive.

In the VM, type wf.msc to open the firewall. Go to Windows Defender Firewall Properties and turn everything off.


The IP address of my VM for this lab is 192.168.1.1. Now I go to Nessus and create a new scan. Choose Basic Network Scan.

For targets, I chose my IP.

On the Credentials page you can enter the credentials so that the scanner goes more in depth, through the registry. This allows you to find more vulnerabilities.

Go ahead and press Save, then check the scan and click Launch. Once the scan is launched you will see the findings populate.

Depending on the organization, many won't touch mediums or lows, because criticals and highs take precedence. INFO doesn’t mean that it is automatically a vu

The next step is to set up the virtual machine to accept credentialed scans. Open services.msc and first enable Remote Registry, which allows the scanner to look through the registry.

Next, make sure that File and Printer Sharing is already on by searching for it.

Since the computer is not on a domain we have to do another workaround, although it is not recommended for an organization. Go to User Account Control settings and disable it.

Lastly, go to the registry to further disable User Account Control. Open regedit and browse to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System. Inside this key, create a REG_DWORD called LocalAccountTokenFilterPolicy and set its value to 1.

Then close and restart the VM, then log in. Now the computer is ready for a credentialed scan. Go back to Nessus and add a set of credentials.
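The VM preparation above, scripted as an added example (not part of the original write-up) so the lab changes can be applied, verified and then reverted when scanning is done. It assumes an off-domain Windows 10 Pro VM and an elevated PowerShell session; instead of turning the whole firewall off it only enables the File and Printer Sharing rule group, and it does not touch the UAC slider, since the registry value is what allows the scanner's local admin credentials to work.

```powershell
# Added example: prepare, check and revert a lab VM for Nessus credentialed scans.
# Run from an Administrator PowerShell prompt on the VM (assumed off-domain Win10 Pro).
$regPath = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Enable-LabCredentialedScan {
    # 1. Remote Registry service: set to start automatically and start it now
    Set-Service -Name RemoteRegistry -StartupType Automatic
    Start-Service -Name RemoteRegistry

    # 2. Allow File and Printer Sharing (SMB) through the firewall, rather than
    #    disabling the firewall entirely as the lab does
    Enable-NetFirewallRule -DisplayGroup 'File and Printer Sharing'

    # 3. LocalAccountTokenFilterPolicy = 1 lets local admin accounts get a full
    #    token over the network (the UAC remote-restriction workaround)
    New-ItemProperty -Path $regPath -Name LocalAccountTokenFilterPolicy `
        -PropertyType DWord -Value 1 -Force | Out-Null
}

function Test-LabCredentialedScan {
    # Report each prerequisite so you can confirm the scan will authenticate
    $svc = Get-Service -Name RemoteRegistry
    $fw  = Get-NetFirewallRule -DisplayGroup 'File and Printer Sharing' |
           Where-Object { $_.Enabled -eq 'True' }
    $tok = (Get-ItemProperty -Path $regPath -Name LocalAccountTokenFilterPolicy `
            -ErrorAction SilentlyContinue).LocalAccountTokenFilterPolicy
    [pscustomobject]@{
        RemoteRegistryRunning   = ($svc.Status -eq 'Running')
        FilePrinterSharingRules = (@($fw).Count -gt 0)
        TokenFilterPolicySet    = ($tok -eq 1)
    }
}

function Disable-LabCredentialedScan {
    # Revert: these settings weaken the host, so undo them once the lab is over
    Remove-ItemProperty -Path $regPath -Name LocalAccountTokenFilterPolicy `
        -ErrorAction SilentlyContinue
    Disable-NetFirewallRule -DisplayGroup 'File and Printer Sharing'
    Stop-Service -Name RemoteRegistry
    Set-Service -Name RemoteRegistry -StartupType Disabled
}

Enable-LabCredentialedScan
Test-LabCredentialedScan   # all three fields should read True before launching the scan
```

Run Disable-LabCredentialedScan after the last scan so the VM is not left accepting remote admin logons with a full token.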

Now we are able to go back to the scan and run it again. When we compare the results we see that the credentialed scan gives us far more information to work with than the original scan. There is a big difference between a credentialed and a non-credentialed scan.


We can see the list of findings. Some will be Mixed, which is a combination of criticals and highs. Something like Windows Edge can be remediated by updating Windows.

If we click on the Remediations tab it gives us high-level instructions. VPR Top Threats is what Tenable recommends fixing first. In an organization you would want to have Windows patching deployed already, so you don't have to deal with things that can be easily fixed with updates.

The next step is to download an outdated version of Firefox to the VM and then compare the results. Download Firefox 3.6.12.


Now rescan with the deprecated Firefox installed and compare the new results. There are many more criticals with the older Firefox. These vulnerabilities don't necessarily need to be fixed one at a time; Firefox can be upgraded or uninstalled. The recommendation that we get is to run Firefox. The next step is to remediate as many vulnerabilities as we can. We will uninstall Firefox completely, then update Windows as completely as we can. Go to Uninstall and remove Firefox completely. Next, go to Windows Update and keep running it until no more updates are offered.


Now, when we go to our scan History we can see the difference that updating and uninstalling makes. The remaining vulnerabilities are around Windows Edge.

That is the core of vulnerability management; a lot more goes into it. In a big organization there are standards, policies, and procedures for scanning, and the goal is to reduce the number of vulnerabilities that get introduced.
