Metrics Used In A Secured Host Or Network
Started by CJT, Aug 05 2012 01:16 PM
No replies to this topic
#1
Posted 05 August 2012 - 01:16 PM
Hi, I'm a student currently taking an Information Security Major. I'm doing research on the metrics that should be scanned to describe the current state of a host computer/network. I know Nessus is a favorite vulnerability scanner, and you can add plugins to customize/enhance your scans. However, I'm most interested in what you should be scanning to declare a system/network "secured". So far this is what I have thought of; please add or comment, and please feel free to leave your professional experience on the following:
Host Vulnerabilities:
- OS Version
- Patch remediation
- Access Control
- Ports (Open/Closed)
- IP version (does it make a difference in security in IPv4 vs. IPv6?)
- Services running
- Programs running (version, known vulnerabilities, etc.)
- File System? (NTFS vs. UFS)
- Encryption
- USB Ports locked (I guess depending on security specs. After all, Bradley Manning used the USB ports to get sensitive info.)
Network Vulnerabilities:
- Network Bandwidth (4 T1s vs 1 GigE)
- Network Devices (Routers, switches, NIPS, FW, etc. check for OS version, Firmware, known vulnerabilities, etc.)
- Encrypted Traffic
- Network Topology (Bus, Ring, Mesh, Star)
- Network OS (Cisco IOS, JUNOS)
- Baseline of normal traffic
- VoIP traffic (can it be intercepted?)
- MPLS vs. Ethernet, vs. Fibre Channel (Excuse my ignorance, but I'm a bit confused about these technologies.)
Am I on the right track? Am I missing any other metric?
Thank you for your help,
CJ