1 Purpose
This document discusses the planning, execution, and reporting of a Vulnerability
Assessment (VA) performed on a single host with IP address 192.168.1.138.
This document lists the steps in the VA process and suggests resources or tools that
can help. Upon completion of the VA, findings will be reported in a remediation
plan.
2 Scope
The internal vulnerability scan is used to gather data to assess the effectiveness of
security control measures on a host. The host was scanned using a laptop plugged
into the 192.168.1.0/24 network and given an IP address of 192.168.1.126 (Guest OS
– Kali Linux).
3 Process Overview
Vulnerability scans always run the risk of affecting hosts in a negative way, either
slowing performance or even causing a crash. To reduce this risk as much as possible,
aggressive scan settings will not be used.
a. Discovery of host
Approach: For the specified network, verify the host is discoverable.
Document the execution of this activity and include the following as appropriate:
- Methodology utilized to obtain the list of hosts on the network (e.g. Nmap scan,
etc.).
- Scan result data, screenshots, or other appropriate evidence demonstrating
methodology.
Document the execution of this activity and include the following as appropriate:
- Methodology used to enumerate network accessible ports and services along
with associated vulnerabilities (e.g. Nessus, OpenVAS, etc.).
- Identification of any service vulnerabilities.
1. Host Discovery
a. Method Used
Nmap scan
# nmap -O 192.168.1.138
b. Results
192.168.1.138 Host (Linux 2.6.9-2.6.33)
b. Results
Open TCP Ports
21, 22, 23, 25, 53, 80, 111, 139, 445, 512, 513, 514, 1099, 1524, 2049, 2121,
3306, 3632, 5432, 5900, 6000, 6667, 6697, 8009, 8180, 8787, 37377, 40932,
52248, 60432
b. Results
Metasploitable2_Vuln_Scan.pdf
c. Evidence of Method Used
4. Disclosures
A vulnerability assessment is a point-in-time analysis. New vulnerabilities may be
introduced with any changes to the host, even new patches. Annual vulnerability
assessments are recommended.
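
Because each assessment is a point-in-time result, comparing the open-port list from one assessment with the next shows what changed on the host in between. The script below is an added example, not part of the original assessment: it assumes each scan was saved in Nmap's grepable format (`-oG`), and the two scan samples, the function names, and the shortened port lists are constructed for illustration.

```python
import re

# Constructed samples in nmap grepable (-oG) format, one per assessment of the
# same host. Port lists are shortened; this is not real scan output.
PREVIOUS_SCAN = (
    "Host: 192.168.1.138 ()\tPorts: 21/open/tcp//ftp///, 22/open/tcp//ssh///, "
    "23/open/tcp//telnet///, 80/open/tcp//http///, 3306/open/tcp//mysql///\t"
    "Ignored State: closed (995)\n"
)
CURRENT_SCAN = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.168.1.138 ()\tStatus: Up\n"
    "Host: 192.168.1.138 ()\tPorts: 21/open/tcp//ftp///, 22/open/tcp//ssh///, "
    "23/closed/tcp//telnet///, 80/open/tcp//http///, 3306/open/tcp//mysql///, "
    "5900/open/tcp//vnc///\tIgnored State: closed (994)\n"
)

HOST_RE = re.compile(r"^Host:\s+(\S+)")
# One port entry: port/state/protocol/owner/service/rpc info/version/
PORT_RE = re.compile(r"(\d+)/([^/]+)/([^/]+)/[^/]*/([^/]*)/[^/]*/[^/]*/")


def open_ports(grepable_text, host):
    """Return {(port, protocol): service} for ports reported open on host."""
    found = {}
    for line in grepable_text.splitlines():
        m = HOST_RE.match(line)
        if not m or m.group(1) != host:
            continue  # comment line or another host
        for field in line.split("\t"):
            if field.startswith("Ports:"):
                for port, state, proto, service in PORT_RE.findall(field):
                    if state == "open":  # skip closed, filtered, open|filtered
                        found[(int(port), proto)] = service or "unknown"
    return found


def diff_assessments(previous, current, host):
    """Report how the host's open ports changed between two assessments."""
    before, after = open_ports(previous, host), open_ports(current, host)
    return {
        "newly_open": sorted(k + (after[k],) for k in after.keys() - before.keys()),
        "no_longer_open": sorted(k + (before[k],) for k in before.keys() - after.keys()),
        "unchanged": sorted(after.keys() & before.keys()),
    }


if __name__ == "__main__":
    report = diff_assessments(PREVIOUS_SCAN, CURRENT_SCAN, "192.168.1.138")
    for change, ports in report.items():
        print(f"{change}: {ports}")
```

Ports listed under `newly_open` are the ones to review first in the remediation plan, since they represent exposure added since the previous assessment.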