How to uncover network vulnerabilities

There are a couple of scenarios where reading this blog post will be helpful, including but not limited to:

 You're new in IT and want to know where to start finding vulnerabilities on the network you're managing.

 You've just moved into a poorly managed infrastructure where the previous IT guy was clueless.

 You're running a start-up and want to ensure things are kept safe, so knowing how to find vulnerabilities in the network seems sensible.

Of course there are many other reasons as well.

Let's get started by defining a network. What is a network? How do you know where your responsibility starts and stops? And what tools can you deploy to help you manage network vulnerabilities?

Wikipedia defines a computer network as “a digital telecommunications network which allows nodes to share resources. In computer networks, computing devices exchange data with each other using connections (data links) between nodes. These data links are established over cable media such as twisted pair or fiber-optic cables, and wireless media such as Wi-Fi.” In theory that definition might as well cover the entire internet. Traditionally people would stop worrying once the data left the business network (aka your office), but with the increasing desire to move things to the cloud we can't just stop at the edge of the business network: we also have to be concerned with, and capable of ensuring, that any cloud resources the business uses have adequate vulnerability protections.

With regard to the cloud services that the business uses, such as email, website hosting and maybe even data storage, there should be a healthy amount of documentation provided by the cloud supplier. If there isn't, you should be questioning them. Chase them on all aspects of security, not just vulnerability management but also physical security, RAID-ing drives to protect against corruption, etc.

Specifically with regard to vulnerability detection and management, enquire about how they handle severe and critical vulnerabilities. Ask them whether they are using WSUS for Windows patch management, whether they have Linux systems, and what tools they have to manage third-party software. WSUS will primarily patch Microsoft technology, not their backup software, the operating system of their Cisco switches and routers, and so on; there's a lot of scope for non-Microsoft technology. A very important piece of information to assess is how regularly they patch severe and critical vulnerabilities: does it take them 48 hours or 6 months? A risky vulnerability can cause havoc on a network, and if it isn't managed it can be combined with other vulnerabilities to provide unauthorised access.

Now what about the business network: all those physical machines, the in-house storage, the Active Directory system, backup systems, etc.? Every network is different, like a fingerprint, but they generally have similar functions and roles. The primary protection against vulnerabilities is detection, and when looking into this field it really needs to be automated. It would be a spectacularly time-intensive job to do manually, so below are some tools that can assist with the task.

WSUS: used to scan all Windows machines and servers on a network/domain and assess their level of patching against what is recommended; if gaps are found it will patch and update them.

Anti-Malware: This should be deployed to all machines and servers on the network/domain because it will help identify when vulnerabilities are being exploited (and proactively block this activity).

3rd-party patching tools: As mentioned above, it's not always possible for WSUS to patch everything, so there are tools such as SolarWinds, Lansweeper and PDQ Deploy which can assist in patching software across the network.

Having the software and capability to do this, though, is not always enough. One of the best methods to detect vulnerabilities is to proactively scan your network with tools such as Nessus, which draw on the CVE database of all publicly known vulnerabilities. Running this against your machines will help identify incorrect configurations and security risks, which IT can then invest time in fixing.
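As an added example (not code from the original post, and not a Tenable or vendor tool), here is a small Python script that reads a Nessus-style CSV export, counts findings per host and risk rating, and flags anything that has been open longer than a patch SLA. This turns the "48 hours or 6 months?" question asked of a supplier above into a number you can check against your own scan results after every scheduled run. The column names follow the layout of a Nessus CSV export, but the "First Seen" column, the SLA figures, the plugin IDs, the placeholder CVE ids and the host addresses are all assumptions constructed for this example.

```python
"""Triage a Nessus-style CSV export against a patch SLA.

Added example, not code from the original post. It assumes the column
names of a Nessus CSV export (Plugin ID, CVE, CVSS, Risk, Host, ...) plus
an extra "First Seen" column that we assume the scan pipeline records when
a finding first appears; the SLA figures and all sample data are constructed.
"""
import csv
import io
from collections import defaultdict
from datetime import date

# Maximum days a finding may stay open, per Nessus risk rating (assumed policy).
# Info-only rows (Risk == "None") carry no SLA and are never flagged.
SLA_DAYS = {"Critical": 2, "High": 7, "Medium": 30, "Low": 90}

# Date the sample report is produced on (constructed, used by the demo below).
REPORT_DATE = date(2024, 1, 12)

# Constructed sample export: CVE ids are placeholders, hosts are private lab addresses.
SAMPLE_CSV = """\
Plugin ID,CVE,CVSS,Risk,Host,Protocol,Port,Name,First Seen
10001,CVE-0000-0001,9.8,Critical,10.0.0.5,tcp,445,Example SMB flaw,2024-01-01
10002,,5.3,Medium,10.0.0.5,tcp,80,Example missing web header,2024-01-10
10003,CVE-0000-0002,7.5,High,10.0.0.7,tcp,22,Example outdated SSH,2024-01-08
10004,,0.0,None,10.0.0.7,tcp,22,SSH banner,2024-01-08
10005,CVE-0000-0003,4.3,Low,10.0.0.9,udp,161,Example SNMP default community,2023-10-01
"""


def parse_findings(csv_text):
    """Parse the export into a list of dicts keyed by column name."""
    return list(csv.DictReader(io.StringIO(csv_text)))


def days_open(finding, today):
    """Age of a finding in days, from its First Seen date up to `today`."""
    return (today - date.fromisoformat(finding["First Seen"])).days


def overdue(findings, today):
    """Findings that have been open longer than the SLA for their risk rating."""
    result = []
    for f in findings:
        limit = SLA_DAYS.get(f["Risk"])
        if limit is not None and days_open(f, today) > limit:
            result.append(f)
    return result


def summarize_by_host(findings):
    """Count findings per host and risk rating, e.g. {"10.0.0.5": {"Critical": 1}}."""
    counts = defaultdict(lambda: defaultdict(int))
    for f in findings:
        counts[f["Host"]][f["Risk"]] += 1
    return {host: dict(c) for host, c in counts.items()}


def report(csv_text, today):
    """Build the lines an operator would read after each scheduled scan:
    one summary line per host, then one line per finding that breaches its SLA."""
    findings = parse_findings(csv_text)
    lines = []
    for host, counts in sorted(summarize_by_host(findings).items()):
        lines.append(f"{host}: " + ", ".join(f"{r}={n}" for r, n in sorted(counts.items())))
    for f in overdue(findings, today):
        lines.append(
            f"OVERDUE {f['Risk']:<8} {f['Host']:<10} plugin {f['Plugin ID']} "
            f"({f['CVE'] or 'no CVE'}) open {days_open(f, today)}d, "
            f"SLA {SLA_DAYS[f['Risk']]}d: {f['Name']}"
        )
    return lines


if __name__ == "__main__":
    for line in report(SAMPLE_CSV, REPORT_DATE):
        print(line)
```

Run it after each scheduled scan with the real export and today's date; the OVERDUE lines are the list to chase, whether the machines are on your own network or belong to a supplier who has promised you a patch turnaround. Info-only plugins are deliberately left out of the SLA check so that banner and version detections don't drown out the findings that actually need patching.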

Please also keep in mind that all this activity should be regular and scheduled; don't just do the task once and think the business is fine. Vulnerabilities are released daily, which means that as soon as you patch you can be out of date and vulnerable again within days. If you have any questions on how to implement a great patch management system or run vulnerability scans across the business network, get in touch. We're always happy to get involved.
