The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/810339
22 PEER TO PEER: THE QUARTERLY MAGAZINE OF ILTA | SPRING 2017 BEST PRACTICES Vulnerability Scanning Best Practices Vulnerability Scanning Best Practices Do your initial scan aer business hours or on a weekend. Older devices, such as those running out-of-date soware, can lock up or reboot when scanned, which is something you want to avoid during production hours. Start by scanning just a portion of your network. This will give you a good feel for how well your network holds up to the scan traffic and how long each scan will take to complete. Having this information will be valuable once you are ready to script the scans to run automatically, likely during evening or weekend hours. A Popular Tool There are many tools available to get the job done, ranging from free to thousands of dollars. One popular tool is Nmap, which comes preinstalled in the popular (and free) Kali Linux distribution. Nmap has been around since 1997 and runs on just about any operating system. Nmap is extremely well-documented; there are countless articles online and entire books wrien about it. Other Tools If you would rather steer clear of all this command line kung fu, there are many other solutions available that can make vulnerability scanning a more point- and-click experience. The previously mentioned Kali Linux distribution comes with a free web GUI-based vulnerability scanner called OpenVAS that can be installed in a few commands. Another popular option is Nessus, which is typically known as a vulnerability scanner, but can also audit systems against compliance standards such as PCI and HIPAA. Nessus has a free version that allows you to scan up to 16 IP addresses and a professional edition for about $2,000. To get the best value out of your vulnerability scanning data, use a tool that can do authenticated scanning. For example, in an Active Directory environment, you could configure a job that allows the scanner to connect to each machine using a Domain Administrator account. Doing so allows the scanner to do a deeper dive into each system, identify patches that might be missing from the operating system and installed applications, and discover additional risks, such as suspicious processes or the presence of malware. Before You Scan If this is your first venture into the exciting world of finding vulnerabilities, there are precautions you should consider before kicking off your first scan. BRIAN JOHNSON Brian Johnson is a Senior Security Engineer for Emergent Networks in Edina, Minnesota. He also produces 7 Minute Security, a weekly blog and podcast dedicated to teaching others about information security. Brian can be contacted at brianj@emergentnetworks.com. by Brian Johnson Vulnerability scanning is critical to the health and security of network infrastructure, but many companies are still not doing it regularly — some are not doing it at all. They might not realize that when carefully planned and executed, vulnerability scanning can be easy, effective and low-cost.