Step 1: Open the SANS Top 20 List
Using a web browser, go to http://www.sans.org/. On the resources menu, choose top 20 list.
The SANS Top-20 Internet Security Attack Targets list is organized by category. An identifying letter
indicates the category type, and numbers separate category topics. Router and switch topics fall under the
Network Devices category, N. There are two major hyperlink topics:
N1. VoIP Servers and Phones
N2. Network and Other Devices Common Configuration Weaknesses
Step 2: Review common configuration weaknesses
a. Click hyperlink N2. Network and Other Devices Common Configuration Weaknesses.
b. List the four headings in this topic.
Deskripsi
Common Default Configuration Issues
Kerentanan pada printer
Step 3: Review common default configuration issues
Review the contents of N2.2 Common Default Configuration Issues. As an example, N.2.2.2 (in January
2007) contains information about threats associated with default accounts and values. A Google search on
“wireless router passwords” returns links to multiple sites that publish a list of wireless router default
administrator account names and passwords. Failure to change the default password on these devices can
lead to compromised security and vulnerability to attackers.
Step 4: Note the CVE references
The last line under several topics cites references to CVE or Common Vulnerability Exposure. The CVE name
is linked to the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD),
sponsored by the United States Department of Homeland Security (DHS) National Cyber Security Division
and US-CERT, which contains information about the vulnerability.
Step 5: Investigate a topic and associated CVE hyperlink
The remainder of this lab walks you through a vulnerability investigation and solution.
Choose a topic to investigate, and click on an associated CVE hyperlink. The link should open a new web
browser connected to http://nvd.nist.gov/ and the vulnerability summary page for the CVE.
NOTE: Because the CVE list changes, the current list may not contain the same vulnerabilities as
those in January 2007.
Step 6: Record vulnerability information
Complete the information about the vulnerability. Answers vary
Original release date:
Last revised:
Source:
Overview:
Step 7: Record the vulnerability impact
Under Impact, there are several values. The Common Vulnerability Scoring System (CVSS) severity is
displayed and contains a value between 1 and 10.
Complete the information about the vulnerability impact. Answers vary
CVSS Severity:
Access Complexity:
Authentication:
Impact Type:
Step 8: Record the solution
The References to Advisories, Solutions, and Tools section contains links with information about the
vulnerability and possible solutions.
Using the hyperlinks, write a brief description of the solution found on those pages.
Step 9: Reflection
The number of vulnerabilities to computers, networks, and data, continues to increase. Many national
governments have dedicated significant resources to coordinating and disseminating information about
security vulnerability and possible solutions. It remains the responsibility of the end user to implement the
solution. Think of ways that users can help strengthen security. Write down some user habits that create
security risks.
Penggunaan kata sandi yang lemah
Penulisan kata sandi
Tidak mengubah kata sandi secara teratur
Tidak mengamankan workstation ketika tidak dipakai
Tidak mengikuti prosedur ketika membocorkan informasi jaringan
Tidak ada komentar:
Posting Komentar