Scribd Logo
Upload

Welcome to Scribd!

  • Vulnerability Assessment Report: © Vista Infosec

    Uploaded by

    Wade Patton
    66 views14 pages
    VISTA InfoSec was engaged by bank to perform vulnerability assessment of their infrastructure. Scope of Testing included IP addresses / hosts 192.168.1.160 and 192.169.1.163. A Total of 3144 vulnerabilities were found in the bank's infrastructure servers.

    Original Description:

    Original Title

    Main(9)

    Copyright

    © © All Rights Reserved

    Available Formats

    DOC, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    VISTA InfoSec was engaged by bank to perform vulnerability assessment of their infrastructure. Scope of Testing included IP addresses / hosts 192.168.1.160 and 192.169.1.163. A Total of 3144 vulnerabilities were found in the bank's infrastructure servers.

    Copyright:

    © All Rights Reserved
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    66 views14 pages

    Vulnerability Assessment Report: © Vista Infosec

    Uploaded by

    Wade Patton
    VISTA InfoSec was engaged by bank to perform vulnerability assessment of their infrastructure. Scope of Testing included IP addresses / hosts 192.168.1.160 and 192.169.1.163. A Total of 3144 vulnerabilities were found in the bank's infrastructure servers.

    Copyright:

    © All Rights Reserved
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 14

    VISTA InfoSec

    CONFIDENTIAL

    VULNERABILITY ASSESSMENT REPORT

    For

    VISTA
    Ltd.

    InfoSec

    Pvt.

    VERSION: 1.0

    DATE:

    This document contains confidential information of highly sensitive nature. Reproduction or distribution
    without the express written permission of InfoSec or the client named above is strictly prohibited

    Vulnerability Assessment Report

    Page 1

    VISTA InfoSec

    CONFIDENTIAL

    Table of Contents
    Section 1. Executive Summary
    1.1

    Background

    1.2

    Objectives

    1.3

    Scope of Testing

    1.4

    Vulnerability Summary

    1.4.1 Number of Issues (Total 3144)


    1.4.2 Vulnerable Operating System
    1.5

    Methodology

    1.6

    Milestones

    1.7

    Report Presentation

    Section 2.
    2.1
    Section 3.
    3.1
    Section 4.

    Major Findings
    Security Issues per Host
    Phase 1- Discovery
    Discovered Hosts
    Phase 2- Vulnerability Analysis

    4.1.1

    IP-192.168.1.160

    / Hostname-ECCPRD1

    4.1.2

    IP-192.168.1.163

    / Hostname-SAPCLUSTER

    4.1.3

    IP-192.168.1.165

    / Hostname-FIL-HO-SVR07

    4.1.4

    IP-192.168.1.166

    / Hostname-FIL-HO-SVR-08

    4.1.5

    IP-192.168.1.167

    / Hostname-BI-PRD

    4.1.6

    IP-192.168.1.172

    / Hostname-SAPPI

    4.1.7

    IP-192.168.1.173

    / Hostname-NAVISION

    4.1.8

    IP-192.168.1.174

    / Hostname-FIL-NZ-SRV-018

    Vulnerability Assessment Report

    Page 2

    VISTA InfoSec

    CONFIDENTIAL

    4.2.1

    IP-192.168.1.240

    / Hostname--

    4.2.2

    IP-192.168.1.200

    / Hostname--

    Section 5. Malware Kits


    Section 6. Revision History

    Vulnerability Assessment Report

    Page 3

    VISTA InfoSec

    CONFIDENTIAL

    Section 1. Executive Summary


    1.1 Background
    IT Security Compliance regulations, internal audit guidelines and Risk Assessment require
    organization to conduct in-dependent testing of the Information Security Program to identify
    vulnerabilities that could result in unauthorized disclosure, misuse, alteration, or destruction
    of confidential information, including Non-Public Personal Information (NPPI). As part of
    organization best practices it should perform vulnerability assessment scanning in order to
    ensure the security of their infrastructure servers, for which VISTA InfoSec was engaged by
    Bank Ltd. to perform vulnerability assessment of their Infrastructure.

    1.2 Objectives
    Examine IT systems for weaknesses that could be used by attackers to disrupt the
    confidentiality, availability, or integrity of the network, thereby allowing the organization to
    address each weakness.

    1.3 Scope of Testing


    The following Bank Ltd. hosts were in scope and included in this security test:
    IP Address/Hosts
    192.168.1.160
    192.168.1.163
    192.168.1.165
    192.168.1.166
    192.168.1.167
    192.168.1.172
    192.168.1.173
    192.168.1.174
    192.168.1.240
    192.168.1.200

    Vulnerability Assessment Report

    Page 4

    VISTA InfoSec

    CONFIDENTIAL

    1.4 Vulnerability Summary


    This report contains the results of a security audit performed by VISTA InfoSec Pvt. Ltd. It
    contains confidential information about the state of your infrastructure. Access to this
    information by unauthorized personnel may allow them to compromise your network

    During this test, .....hosts were discovered. The scan revealed ....high severity issues,
    .....medium severity issues and ..... low severity issues.

    1.4.1

    Number of Issues

    Vulnerability Assessment Report

    (Total 694)

    Page 5

    VISTA InfoSec

    CONFIDENTIAL

    1.4.2 Vulnerable Operating System

    Vulnerability Assessment Report

    Page 6

    VISTA InfoSec

    CONFIDENTIAL

    1.5 Methodology
    VISTA InfoSec consultants follow the below mentioned methodology while performing all
    security audits. The methodology is broken down into three phases:
    Discovery:
    Foot-printing
    Network Scanning
    Vulnerability Analysis:
    Enumeration
    Vulnerability Scanning
    Reporting:
    Executive Summary
    Business & Technical Risks and Recommendations
    Details and Exposure of Vulnerabilities
    VISTA InfoSec consultants used the above mentioned methodology to perform the
    vulnerability assessment of the Bank Ltd. Infrastructure.

    1.6 Mileston
    es
    Milestone / Deliverable

    Date

    Start of the Assignment

    08/07/2014

    Final Deliverable

    08/07/2014

    Vulnerability Assessment Report

    Page 7

    VISTA InfoSec

    1.7

    CONFIDENTIAL

    Report Presentation

    Below is the presentation used for reporting the vulnerabilities found in the Hosts during
    this assessment. We have followed the following representation:
    Active Services
    List of active services found on that particular host at the time of assessment. The
    services are mentioned with Port Numbers, the protocol they use and service
    information.
    Vulnerability Overview
    Summarization of the list of vulnerabilities found as per severity.
    Vulnerabilities

    Vulnerability Assessment Report

    Page 8

    VISTA InfoSec

    Vulnerability

    Severity

    CONFIDENTIAL

    Title of the vulnerability/risk.

    The threat impact rating for that particular vulnerability/risk.

    HIGH

    The impact after exploitation of the


    vulnerability on the system would be High. It
    allows the attacker to gain full administrative
    access to the system.

    MEDIUM

    The impact after exploitation of the


    vulnerability on the system would be
    moderate. It allows the attacker to gain full
    administrative access to the system via
    privilege escalation or using any other
    supporting vulnerability.

    LOW

    The impact after exploitation of the


    vulnerability on the system would be Low. It
    allows the attacker to enumerate crucial
    information about the system/application.
    This shall help him build attack vectors to
    gain access to the system.

    Port

    The associated Port number for that particular vulnerability/risk.

    CVSS Score

    The Common Vulnerability Scoring System (CVSS) provides an open framework


    for communicating the characteristics and impacts of IT vulnerabilities.

    Ease
    of
    Exploitation

    The exploitation rating for that particular vulnerability/risk.

    Vulnerability Assessment Report

    Page 9

    VISTA InfoSec

    CONFIDENTIAL

    Section 2. Major Findings


    This section lists problems including Hosts with most security issues

    2.1

    Security Issues per Host


    Hosts

    High

    Medium

    Low

    Total

    192.168.1.160

    103

    26

    130

    192.168.1.163

    106

    26

    133

    192.168.1.165

    21

    22

    46

    192.168.1.166

    44

    20

    66

    192.168.1.167

    116

    35

    153

    192.168.1.172

    71

    19

    92

    192.168.1.173

    15

    192.168.1.174

    27

    16

    45

    192.168.1.200

    192.168.1.240

    Vulnerability Assessment Report

    Page 10

    VISTA InfoSec

    CONFIDENTIAL

    Section 3. Phase 1- Discovery


    This phase aims at identifying all potential assets for security audit. Nmap was used
    for network port scanning and foot-printing of the network services. Manual inspection
    was also conducted using Trace-Route and DNS requests to the network name
    servers. Details are listed below.

    3.1

    Discovered Hosts

    Address

    Hostname

    OS Name

    192.168.1.160

    ECCPRD1

    WINDOWS SERVER 2008 ENTERPRISE


    SP2

    192.168.1.163

    SAPCLUSTER

    WINDOWS SERVER 2008 ENTERPRISE


    SP2

    192.168.1.165

    FIL-HO-SVR07

    WINDOWS SERVER 2008 ENTERPRISE


    SP1

    192.168.1.166

    FIL-HO-SVR-08

    WINDOWS SERVER 2008 ENTERPRISE


    SP1

    192.168.1.167

    BI-PRD

    WINDOWS SERVER 2008 ENTERPRISE


    SP2

    192.168.1.172

    SAPPI

    WINDOWS SERVER 2008 ENTERPRISE


    SP2

    192.168.1.173

    NAVISION

    WINDOWS SERVER 2008 R2 STANDARD


    SP1

    192.168.1.174

    FIL-NZ-SRV-018 WINDOWS SERVER 2008 R2 STANDARD


    SP1

    192.168.1.240

    SONICOS ENHANCED 5.8.1.5-46O

    192.168.1.200

    SONICOS ENHANCED 5.8.1.5-46O

    Vulnerability Assessment Report

    Page 11

    VISTA InfoSec

    CONFIDENTIAL

    Section 4. Phase 2- Vulnerability Analysis


    4.1.1

    IP-192.168.1.160

    /Hostname-ECCPRD1

    Please click here to view the detail vulnerability assessment for this host.

    4.1.2

    IP-192.168.1.163

    /Hostname-SAPCLUSTER

    Please click here to view the detail vulnerability assessment for this host.

    4.1.3

    IP-192.168.1.165

    /Hostname-FIL-HO-SVR07

    Please click here to view the detail vulnerability assessment for this host.

    4.1.4

    IP-192.168.1.166

    /Hostname-FIL-HO-SVR-08

    Please click here to view the detail vulnerability assessment for this host.

    4.1.5

    IP-192.168.1.167

    /Hostname-BI-PRD

    Please click here to view the detail vulnerability assessment for this host.

    4.1.6

    IP-192.168.1.172

    /Hostname-SAPPI

    Please click here to view the detail vulnerability assessment for this host.

    4.1.7

    IP-192.168.1.173

    Vulnerability Assessment Report

    /Hostname-NAVISION

    Page 12

    VISTA InfoSec

    CONFIDENTIAL

    Please click here to view the detail vulnerability assessment for this host.

    4.1.8

    IP-192.168.1.174

    /Hostname-FIL-NZ-SRV-018

    Please click here to view the detail vulnerability assessment for this host.

    4.2.1

    IP-192.168.1.240

    /Hostname--

    Please click here to view the detail vulnerability assessment for this host.

    4.2.2

    IP-192.168.1.200

    /Hostname--

    Please click here to view the detail vulnerability assessment for this host.

    Vulnerability Assessment Report

    Page 13

    VISTA InfoSec

    CONFIDENTIAL

    Section 5. Revision History


    Version

    Date

    Name

    1.0

    21-3-2014

    IS Consultant Security Management Services Vulnerability Assessment Report

    Vulnerability Assessment Report

    Description

    Page 14

    You might also like