Friday, May 18, 2018

CCNA Cyber Ops Scholarship Program

I joined the CCNA Cyber Ops Scholarship Program (Cohort 6) early this year and started with the Understanding Cisco Cybersecurity Fundamentals (SECFND) course. It covers basic network security and a brief introduction to the Security Operations Center (SOC). The second half of the program is the Implementing Cisco Cybersecurity Operations (SECOPS) course, which covers the SOC role and learning various Network Security Monitoring (NSM) tools.

The scholarship program is four months long and they give free exam vouchers (including a retake voucher) for the two CCNA Cyber Ops exams: SECFND 210-250 and SECOPS 210-255. This is the certificate I've received after completing the SECFND online course.


This is the certificate after completing the SECOPS online course.


I just recently passed the SECFND 210-250 exam and still need to sit for the SECOPS 210-255 exam in order to become CCNA Cyber Ops certified. Wish me luck!

Friday, May 11, 2018

Nessus Vulnerability Scan

Vulnerability scanners are tools used to probe and reveal network security weaknesses. There are two types of vulnerability scanners:

Passive vulnerability scanners: A passive vulnerability scanner (PVS) monitors network traffic at the packet layer to determine topology, services, and vulnerabilities. It avoids the instability that can be introduced to a system by actively scanning for vulnerabilities. Some examples of PVSs are the Tenable PVS and NetScanTools Pro.

Active vulnerability scanners: Whereas passive scanners can only gather information, active vulnerability scanners (AVS) can take action to block an attack, such as blocking a dangerous IP address. They can also be used to simulate an attack to assess readiness. They operate by sending transmissions to nodes and examining the responses. Because of this, these scanners may disrupt network traffic. Examples include Nessus and Microsoft Baseline Security Analyzer (MBSA).


After installation, Nessus opens a web browser and asks you to connect via SSL (port 8834). Click Connect via SSL.


Create a login and click Continue.


Choose Scanner Type: Home, Professional or Manager (the free Home version is limited to scanning 16 IP addresses) > type the Activation Code > click Continue. You can obtain an activation code from this link and register using a non-public email account, e.g. Gmail, Yahoo, etc.


Nessus will download its plugins from the cloud (plugins.nessus.org), which takes a few minutes to finish.



To perform a basic network vulnerability scan, go to Scans > My Scans > Create a new scan.



Choose Basic Network Scan.
 


Under Settings > Basic > General > type a Name and Description, leave the default Folder: My Scans > type the IP address (in CIDR notation) under Targets.
 


You can configure a periodic scan under Settings > Basic > Schedule > modify the Frequency, Start time and Timezone. In this case I disabled the scheduled scan (default).
 


You can send the scan reports under Settings > Basic > Notifications > Email Recipient(s) > type the email addresses (separated by commas). Note that you need to configure your SMTP Server first.
 


Under Settings > Discovery > Scan Type > leave the default: Port scan (common ports).
 


Under Settings > Assessment > Scan Type > leave the default: Default.



Under Settings > Report > leave the default options ticked.
 


Under Settings > Advanced > leave the default Scan Type: Default.
 


There's no need to add Credentials and Plugins in this case. Click Save at the bottom and the newly created scan appears.




Tick the created scan (SCAN-1) > click More > choose Launch.


Click Launch to continue.


The basic network scan will begin to run (green loading icon). The scan will run for several minutes; how long depends on the size of the scanned IP range and the number of active hosts.



It will show a check mark when it has finished running the scan.


Nessus will list the host and the vulnerabilities associated with it. This is the result of the vulnerability scan in my virtual lab.


Click on a specific host/IP address to list all of its vulnerabilities. This is the vulnerability scan of my Metasploitable Linux machine. Notice there are a lot of vulnerabilities, which is intentional on this machine.


Click a specific vulnerability to display its severity, description and patching solution.


This is the vulnerability scan of my Windows 7 machine (where Nessus is installed). It was included since it's part of the 192.168.1.0/24 range.



This is the vulnerability scan of my Windows 2012 R2 server.


This is the vulnerability scan of my Ubuntu Linux machine.


This is the vulnerability scan of my Kali Linux machine.


This is the vulnerability scan of my Cisco IOU Layer 2 Switch.


This is the vulnerability scan of my Cisco ASA firewall.


You can also export the results to a PDF report. Just click Export > PDF > choose Executive Summary > then Export.