Let’s review the latest HPE server security news in this post. The news was published by HPE during the past week.
Advanced Threat Analytics (ATA) is an on-premises platform that helps protect your enterprise from multiple types of advanced targeted cyber attacks and insider threats. Advanced Threat Analytics (ATA) leverages a proprietary network parsing engine to capture and parse network traffic of multiple protocols (such as Kerberos, DNS, RPC, NTLM, and others) for authentication, authorization, and information gathering.
Microsoft has replaced legacy updates with cumulative updates for most active products over the past years. Cumulative updates include all past updates as well as security updates. There are two update models:
You can choose one of the update models and install it. If you are concerned about security issues and operating system fixes are not important to you, you can download and install “Security Only” updates.
OpenSCAP is an auditing tool that utilizes the Extensible Configuration Checklist Description Format (XCCDF). XCCDF is a standard way of expressing checklist content and defines security checklists. It also combines with other specifications such as CPE, CCE, and OVAL, to create a SCAP-expressed checklist that can be processed by SCAP-validated products.
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing them. It’s also a great tool for experienced pentesters to use for manual security testing.
In the first part, we reviewed GSM (Greenbone Security Manager – formerly OpenVAS) as a security manager or assessment tool for discovering vulnerabilities in virtual environments. The second part was more functional, and we talked more about GSM. You learned how to create a target on Greenbone Security Manager and scan it to discover vulnerabilities.
As I said at the end of the second part of the blog post, the third part is related to resolving security issues. Any software, and especially operating systems, has a “Hardening Guide”. You must follow the steps of the hardening guide to reduce the effect of security vulnerabilities on production environments.
We have reviewed the reasons for having a Vulnerability Assessment or Vulnerability Manager in virtual environments and how this software helps us find vulnerabilities in any component of the virtual infrastructure. We have reviewed OpenVAS, or Greenbone Security Manager, and talked about its features and abilities.
Now, it’s time to use the GSM server that we prepared in the previous part. In this part of the blog post, we’ll configure a target (ESXi Server) on the OpenVAS server, create a scan task and review the scan result.
I’ve installed ESXi 6U1 (3029758) on a virtual machine and there is no customized configuration; all configurations are default.
In virtual environments, any vulnerability affects the virtual infrastructure and those who consume its services, both internal and external. So, at the least, any organization should have a process for identifying vulnerabilities. Identifying vulnerabilities requires tools in the IT infrastructure that scan devices, operating systems and applications and find vulnerabilities (especially security vulnerabilities).
VMware has detected a vulnerability in some products involving the E1000 NIC. The issue may allow a guest to execute code on the host. If you have any virtual machines running on VMware Workstation 14.x and Fusion 10.x, you must stop them and apply the patch to the mentioned products before running any other virtual machine.