For this Linux system, what do you recommend fixing right away? Are there dangers if the vulnerabilities and associated threats are not fixed? It is obvious that the first two vulnerabilities need to be fixed right away. These are vulnerabilities that would allow an adversary to gain access to the company network which is exactly what we don’t want. Another two that I saw was that the /doc directory was able to be navigated that could lead to an adversary discovering the versions of software on the system and finally there was the passwords being sent in cleartext. This could allow an adversary to gain access to different things on the system from the passwords not being encrypted.
1. How do you fix the problem(s) identified? Can you defer mitigation for another time? How can the problem(s) be fixed if the system cannot be taken offline? The first two vulnerabilities can likely be fixed with simple patching. It would not be wise to defer the mitigation because as we are learning about these vulnerabilities, an adversary could be learning at the same time. Most patching can be done without actually taking the system offline. For the other two issues that was pointed out, securing the /doc directory is simply going in and fixing the setting and that is the same for the cleartext passwords.
2. Since some machines were already scanned with OpenVAS, should you also consider scanning the same systems with Nessus? Why or why not? Absolutely yes. Nessus is much more robust and will gain more results then OpenVAS. This could show new vulnerabilities that was not previously shown therefore allowing the systems to be more secure.
4. Conduct open source research using the internet. Roughly, what is the cost to license Nessus for one year?
It is about 2,390 for one year, or $2,790 for one year with Advanced Support. If I were to get Nessus, I would definitely pay for the extra support to ensure that I was getting the most out of the tool.
Nessus. 2021. https://www.getapp.com/security-software/a/nessus/pricing/#:~:text=Nessus%20Essentials%20is%20available%20as%20a%20free%20download,or%20%242%2C790%20for%20one%20year%20with%20Advanced%20Support.
For this Linux system, what do you recommend fixing right away? Are there dangers if the vulnerabilities and associated threats are not fixed?
I recommend fixing the High Threat Level threats from the system scan, which are 80/tcp and the General/tcp. On the High 80/tcp, there is a service called TWiki and it is prone to Cross Site scripting and various command execution vulnerabilities. The potential dangers is that attackers could cookie based credentials and exploit the machine via this service and port. The general/tcp is an alert showing end of life support for the operating system Ubuntu. EOL Operating Systems means that the vendor who used to support the OS no longer is, so if a new vulnerabilities are discovered, then it is an open way for attackers to compromise the system. That is unless the individual finds a way to mitigate it, which is unlikely. This makes the system also unreliable to help protect your company (Vinogradov, 2021).
How do you fix the problem(s) identified? Can you defer mitigation for another time? How can the problem(s) be fixed if the system cannot be taken offline?
All vulnerabilities in the system scan can be patched in some way by either using an updated vendor patch, replacing the OS, applying local mitigations to the problems, or even disabling the service if it is not needed for business operations. The mitigations are often listed in the system scan reports from the scanning tools.
Judy is considering asking the pen tester to rescan the company systems using the commercial tool, Nessus. The organization has an evaluation version that can be used for 30 days. After that, the company will need to purchase the tool. The cost is significant.
Since some machines were already scanned with OpenVAS, should you also consider scanning the same systems with Nessus? Why or why not?
Yes, all of the systems should be rescanned with Nessus. Nessus will likely have a different or more up to date scanning results for the systems in the business environment. Nessus has its own list of missing patches and various other Vulnerabilities that OpenVAS might have missed. Any time you use a new vulnerability scanner a rescan of all systems should be done (Asadoorian, 2011).
Conduct open source research using the internet. Roughly, what is the cost to license Nessus for one year?
On g2.com, a one year quote for a Nessus license is $2,990 and there are various other packages available. With everything now a days the longer you purchase the license for the cheaper it gets (Nessus, 2021).
Asadoorian, P. (2011, August 25). #10 there’s more than one way… – the top ten things you didn’t know about nessus. Tenable. Retrieved November 13, 2021, from https://www.tenable.com/blog/10-theres-more-than-one-way-the-top-ten-things-you-didnt-know-about-nessus.
Nessus (Ed.). (2021). NESSUS pricing 2021 | G2. G2. Retrieved November 13, 2021, from https://www.g2.com/products/nessus/pricing.
Vinogradov, A. (2021). 5 risks of using end-of-life operating system. 5 Risks of Using End-of-Life Operating System. Retrieved November 13, 2021, from https://blog.cloudlinux.com/5-risks-of-using-end-of-life-operating-system.