logo

Open Vulnerability Assessment System (OpenVAS)

   

Added on  2020-07-23

9 Pages1326 Words180 Views
Task 1 (Scan your machine)To ensure that Arif's machine is free of rootkit programs which may alter the investigation results, he decides to run a thorough scan. Choose at least two programs and provide the screenshots of the scanning results.OpenVAS The Open Vulnerability Assessment System (OpenVAS) is a free network security scanner platform, with most components licensed under theGNU General Public License (GNU GPL). The main component is available via several Linux packages or as a downloadable Virtual Appliance for testing/evaluation purposes. Though the scanner itself doesn’t work on Windows machines, they offer clients for Windows.Retina CS Community provides vulnerability scanning and patching for Microsoft and common third-party applications, such as Adobe and Firefox, for up to 256 IPs free. Plus it supports vulnerabilities within mobile devices, web applications, virtualized applications, servers, and private clouds. It looks for network vulnerabilities, configuration issues, and missing patches.

Task 2 (Repairing Windows Logs)Arif decompresses the _le \Desktop.zip" and _nds 4 Windows event log _les. Describe the information stored in each log _le and repair those important log _les so that they can be viewed in Windows EventViewer.Windows event log is a record of a computer's alerts and notifications. Microsoft defines an event as "any significant occurrence in the system or in a program that requires users to be notified or an entry added to a log." The Windows operating system classifies events by type. For example, an information event describes the successful completion of a task, such as installing an application. A warning event notifies the administrator of a potential problem, such as low disk space. An error message describes a

significant problem that may result in a loss of functionality. A success audit event indicates the completion of an audited security event, such as an end user successfully logging on. A failure audit event describes an audited security event that did not complete successfully, such as an end user locking himself out by entering incorrect passwords. Each event in a log entry contains the following information: Date: The date the event occurred. Time: The time the event occurred. User: The user name of the user who was logged on when the event occurred. Computer: The name of the computer Event ID: A Windows identification number that specifies the event type. Source: The program or component that caused the event. of the event. Type: The type of event (information, warning, error, security success audit or security failure audit.)Task 3 (Which account is created)Having repaired the log _les, Arif examines one of them in order to identify which account was created without Amy's consents. Which log _le and which EventID number Arif should search? Provide a screenshot for the account-creation event.Arif should examine secutity event and application log id.

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
SIT703 Advanced Digital Forensics Assignment
|22
|1357
|301

Advanced Digital Forensics Investigation | Desklib
|31
|1904
|361

SIT703: Advanced Digital Forensics - Case Investigation Report
|35
|2867
|282

Assignment of Digital Forensics
|18
|1528
|292

Assignment | Cyber Security
|23
|2174
|14