How to Identify Server Vulnerabilities and Services when Conducting Security Assessment

One of the method that hackers are able to hack into a computer / server is by exploiting the vulnerabilities of the operating systems or via active services in the server. Don’t be surprised there may be other active Windows services running in your PC or Server that you do not require. You do not conquer hacking but with these services and Operating Systems patches up to date, it is harder for hackers to penetrate into your systems.

I have conducted Security Assessment for a number of companies’ servers and have observed services such as FTP, IIS, SMTP, SQL running in their servers that the administrators are not aware of.

The rule of thumb is ensure your server or PC is patched up to date and unnecessary services disabled. If there is budget to spare, invest in a reputable IPS (Intrusion Prevention Systems) to complement the firewall.

An intruder with some basic attacking skills can break into a server (even remote control the server) by exploiting the vulnerabilities if they are not patched properly. Once the intruder has command line access to the server, he/she can then escalate to superuser status (there are a number of ways to do that). This is where real damage can be done.

Further, he/she can then use this server as a platform to attack other servers. I have conducted penetration test in a test environment and it is not that difficult to break into a Window server. So it is best that these threats are not taken lightly and secure them by applying the latest patches and disable services that are not required.

How to Check for Vulnerabilities

a) One of the tools to check for vulnerabilities and services is by running Nessus Vulnerability Scanner.

b) Once you have download and install Nessus, please ensure you get the latest vulnerabilities update so that it can detect the recent threats. This is a great tool as it is fast and simple to use.

c) Simply type in the IP Address for the server to be scanned and start the scanning.

d) Nessus will then produce a Web-Based report of the discovered vulnerabilities.

Source by Gabriel Py Ng

Leave a Reply

Your email address will not be published. Required fields are marked *