02233

Netværkssikkerhed
Network Security

• Introduktion
• Nessus Scan
• Nessus Questions
  • Question 1
  • Question 2
  • Question 3
  • Question4
  • Question 5
  • Question 6
  • Question 7
  • Question 8
  • Question 9
  • Question 10
  • Question 11
  • Question 12
  • Question 13
  • Question 14
  • Question 15
  • Question 16
  • Question 17
  • Question 18
  • Question 19
  • Question 20
  • Question 21
  • Question 22
  • Question 23
  • Question 24
  • Question 25
• Snort Questions
• References

Question 24

What other approaches could be applied for vulnerability checks?

• Other approaches could include Social engineering (per phone and on-site).
• And trying to reveal poorly chosen shared secrets and passwords using brute force attacks.
• How are data and servers protected fysically ?
• Are the log files monitored, secured and set up correctly ?
• Does the company have any recovery plans and have they tested their data backups.
• We can also attempt to perform a 'Man-in-the-middle', flooding and Wi-Fi attacks.
• Is paper maculated before leaving the building ?
• How much information can be gathered by legally queyring public databases and telnet company servers ?
• Does the IT department detect if a packet sniffer is installed ?

Bjarne D Mathiesen

Michael Pantridge

Thabet Al-Assdi

Chang Jensen