For this Linux system, what do you recommend fixing right away? Are there dangers if the vulnerabilities and associated threats are not fixed?
It is obvious that the first two vulnerabilities need to be fixed right away. These are vulnerabilities that would allow an adversary to gain access to the company network which is exactly what we don’t want. Another two that I saw was that the /doc directory was able to be navigated that could lead to an adversary discovering the versions of software on the system and finally there was the passwords being sent in cleartext. This could allow an adversary to gain access to different things on the system from the passwords not being encrypted.
- How do you fix the problem(s) identified? Can you defer mitigation for another time? How can the problem(s) be fixed if the system cannot be taken offline?
The first two vulnerabilities can likely be fixed with simple patching. It would not be wise to defer the mitigation because as we are learning about these vulnerabilities, an adversary could be learning at the same time. Most patching can be done without actually taking the system offline. For the other two issues that was pointed out, securing the /doc directory is simply going in and fixing the setting and that is the same for the cleartext passwords. - Since some machines were already scanned with OpenVAS, should you also consider scanning the same systems with Nessus? Why or why not?
Absolutely yes. Nessus is much more robust and will gain more results then OpenVAS. This could show new vulnerabilities that was not previously shown therefore allowing the systems to be more secure. - Conduct open source research using the internet. Roughly, what is the cost to license Nessus for one year?
It is about 2,390 for one year, or $2,790 for one year with Advanced Support. If I were to get Nessus, I would definitely pay for the extra support to ensure that I was getting the most out of the tool.
Sample Solution
