What is System Integrity Check?
A system integrity check is a part of the system hardening process to confirm that we have taken all the necessary measures to prevent any unauthorized access to our systems and files. System integrity check verifies the integrity of different system components, such as operating systems, applications, and network services.
System Integrity Check:
The system integrity check is most commonly performed by executing different system and network vulnerability scanners, such as Nessus, QualysGuard, OpenVAS, and Nikto. Each of them can be run on each of the system components (operating systems, applications, and network services). They are able to perform various checks against the systems to discover security loopholes.
- Nikto is a web server scanner that allows scanning of web servers for vulnerabilities and configuration errors. Nikto can scan the server’s internet protocols (FTP, HTTP, HTTPS), perform checks in SMB/CIFS protocol as well as find information about mail servers. Nikto has been created to scan web servers for known vulnerabilities, configuration errors, and misconfiguration.
- QualysGuard is a cloud-based Vulnerability Management solution, a cloud-based network scanning technology that helps organizations to continuously monitor their networks for known vulnerabilities to help them in staying secure. QualysGuard uses multiple technologies (SDKs, plugins, virtual patching) that allow to automate scans and eliminate the need to perform this manually on each computer. It also allows continuous monitoring of various vulnerabilities and changes in the infrastructure. It includes a real-time web portal where the user can see what is going on in their network at any time and see which systems require attention.
- OpenVAS is the most widely used vulnerability scanner which can be used against open source and proprietary software, operating systems, web applications, network services, and Internet of Things (IoT) devices.
- Nessus is an open-source vulnerability scanner and security auditing toolkit. Nessus also has a reverse engineering option for analyzing and disabling active exploits.
Large-scale vulnerability scans of target networks can be performed using one or more of the tools, for example, Security audits are a common part of any penetration test exercises, but may not always perform themselves. Instead, they may purchase these services either from another audit company or from an outsourcing company.
The following figures outline the different types of system integrity checks performed by a penetration tester:
- A penetration test is a simulated attack that is usually carried out by an ethical hacker or white-hat hacker, who attempts to gain access to computer systems from within an organization. Penetration Tests can be used for network attacks and testing, such as targeting systems for attacks.
- These tests include all over the place such as user and configuration errors, policy violations, missing patches, services not restarted, and so on. Penetration tests are also used when IT security needs to evaluate security controls/problematic areas of an existing system after some time period.
- After a penetration test, the client will receive recommendations about security controls so that the client can take appropriate action.
- Penetration testing is also known as ethical hacking. Penetration testers also use different hacking tools during a test to check vulnerabilities related to security.
- Penetration testing is a good strategy that helps IT Security analysts to verify the security of an application or system.
- If it can be accessed from outside, then the penetration tester will try to find out whether this access is restricted and if any unauthorized person is able to gain access or not.
There are various countermeasures that can be used for effective security which include physical security, logical security, and cryptographic security.
- Logical Security controls involve a computer system’s access to resources, such as files, network access, and so on. Logical controls help prevent unauthorized or improper access to a computer system.
- Examples of logical controls are passwords, such as encryption algorithms such as Asymmetric cryptography, and ElGamal encryption algorithm. Data flow controls enforce secure data flow by controlling who can send or receive data from the computer system’s memory or storage.
- Data flow controls help prevent unauthorized or improper access to data, such as limiting the ability of an authorized user to access data from another user.
- Physical security protects items by ensuring that physical intrusions are properly locked down and that doors and windows are tightly secured.
- Cryptographic security controls ensure the proper transmission of information or files over a network between two computers or devices that are communicating with each other. Examples of cryptographic systems include the Secure Sockets Layer (SSL) protocol, Transport Layer Security (TLS), Secure HTTP (HTTPS), Digital Signature Algorithm (DSA), Advanced Encryption Standard (AES), and Advanced Encryption Standard-256-bit High-Performance Servers (AES-HPS).
Please Login to comment...