
2.08-Perform Vulnerability Scan

Task

Conduct Vulnerability Scan of Network Host

Conditions

Given a host with local administrator credentials, an incident response workstation, network access, and a vulnerability assessment tool

Standards

  • Team member verifies network connectivity to the host using the host IP address
  • Team member ensures the selected vulnerability assessment tool is using its latest updates and signatures
  • Team member configures the vulnerability assessment tool with the IP address of the host
  • Team member selects assessment options within the tool based on testing level required
  • Note: Some tests can cause a denial of service on the host and will need to be evaluated before the assessment begins
  • Team member runs the assessment with selected options and monitors progress
  • Team member evaluates the results of the assessment and determines if critical or high vulnerabilities exist on the test machine

End State

All vulnerabilities on the test machine are found and critical or high results are evaluated for remediation

Manual Steps

  • Determine if the client/victim currently has designated in-house vulnerability tools
  • Identify if the customer has a service account to conduct your scans. See Task 1.18 Establish Network Access Accounts
  • Request a network topology from the network owner (if available)
  • Verify network topology with a ping sweep
  • Establish and separate vulnerability scan groups by operating system (Win/Linux)
  • Narrow vulnerability scans prevent false results
  • Verify the credentials you are using to scan have:
      • Sudo privilege for Unix/Linux
      • Administrator group for Windows
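
The topology verification and scan grouping steps above, as an added example that is not part of the original playbook: it compares an owner-supplied host list with ping sweep results and builds per-OS scan groups. The CSV layout (`ip,os`), the function names and the 192.0.2.0/28 documentation range are assumptions made for illustration.

```python
import csv, io, ipaddress, platform, subprocess
from collections import defaultdict

# Constructed sample of an owner-supplied topology (ip,os); not real data.
SAMPLE_TOPOLOGY = """ip,os
192.0.2.10,Windows
192.0.2.11,Linux
192.0.2.12,Linux
"""

def load_topology(text):
    """Parse the owner's host list into {ip_address: os_family}."""
    return {ipaddress.ip_address(r["ip"].strip()): r["os"].strip().lower()
            for r in csv.DictReader(io.StringIO(text))}

def ping(ip, timeout_s=1):
    """Send one ICMP echo with the system ping; True if the host answered.
    Flags assume Windows ping or Linux iputils ping."""
    if platform.system() == "Windows":
        cmd = ["ping", "-n", "1", "-w", str(timeout_s * 1000), str(ip)]
    else:
        cmd = ["ping", "-c", "1", "-W", str(timeout_s), str(ip)]
    return subprocess.run(cmd, stdout=subprocess.DEVNULL,
                          stderr=subprocess.DEVNULL).returncode == 0

def sweep(cidr):
    """Ping every usable address in the in-scope range; return responders."""
    return {ip for ip in ipaddress.ip_network(cidr).hosts() if ping(ip)}

def plan_scan_groups(topology, responders):
    """Compare documented hosts with sweep results and group targets by OS."""
    documented = set(topology)
    groups = defaultdict(list)
    for ip in sorted(documented & responders):
        groups[topology[ip]].append(str(ip))
    return {
        "scan_groups": dict(groups),  # one target list per OS family
        # No ICMP reply: host may be down or may filter ping; confirm first.
        "documented_no_reply": [str(i) for i in sorted(documented - responders)],
        # Replied but not on the owner's list: raise with the network owner.
        "undocumented": [str(i) for i in sorted(responders - documented)],
    }

if __name__ == "__main__":
    topo = load_topology(SAMPLE_TOPOLOGY)
    # Replace with the in-scope range agreed with the network owner.
    print(plan_scan_groups(topo, sweep("192.0.2.0/28")))
```

Hosts listed under `undocumented` or `documented_no_reply` are discrepancies to resolve with the network owner before they are placed in a scan group.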

Optional Tools:

Nessus
OpenVAS Kali
OpenVAS Ubuntu

Running Script

N/A

Dependencies

Network access accounts:
* Administrative group (Windows/Mac)
* Sudo privilege (Unix/Linux)

References

OpenVAS
Nessus
Greenbone Vulnerability Manager Installation Guide

Revision History