Embedded Files
OFFENSIVE SECURITY
Overview
I planned and executed a full vulnerability assessment of a permitted network using a commercial scanner and an open source alternative. I scoped targets, tuned scan policies, validated findings, and drove remediation with re-tests to confirm fixes. (How to Run a Vulnerability Assessment on a Network)
Objectives
Select and configure a vulnerability scanner
Discover live hosts and services, then enumerate vulnerabilities
Prioritize remediation by risk and business impact
Re-scan to verify closure and reduce residual risk
Prerequisites
Basic networking and security concepts
A network I own or have written permission to assess
One of: Nessus Essentials or OpenVAS
Tools and technologies
Nessus Essentials or OpenVAS
Basic Internet Protocol scanners for host discovery
Spreadsheet or knowledge base for tracking fixes
Implementation
1. Tool selection and setup
Installed and activated one scanner: Nessus Essentials or OpenVAS.
Completed initial wizard, created an admin account, and synced plugin feeds.
2. Scope and targeting
Collected approval and defined targets by Internet Protocol range, example 192.168.1.0/24.
Excluded critical systems that could be sensitive to intrusive checks.
Added credentials for safe authenticated checks on lab hosts where allowed.
3. Scan policy
Based on risk tolerance, selected a baseline network scan template.
Enabled safe checks, denial of service tests off, performance throttling on to avoid impact.
Scheduled scans during a maintenance window.
4. Run the assessment
Launched the scan and monitored progress.
Captured logs and timestamps for evidence and repeatability.
5. Analyze results
Grouped findings by severity: Critical, High, Medium, Low, Informational.
Mapped Common Vulnerabilities and Exposures to the affected services and hosts.
Distinguished real issues from noise by validating a sample on the host.
6. Remediate and verify
Drove quick wins first: patch priority services, remove obsolete services, enforce strong ciphers, change default credentials.
Re-scanned impacted hosts to confirm remediation and reduce residual risk.
7. Document
Wrote an executive summary, a risk-ranked findings table, root cause notes, and a remediation plan with owners and due dates.
Outcomes
Baseline view of network exposure with clear, ranked actions
Reduced attack surface by patching and removing unnecessary services
Repeatable scan policy and evidence pack for ongoing hygiene
Skills demonstrated
Vulnerability assessment planning and execution
Risk triage and remediation coordination
Evidence collection and executive reporting
Google Sites
Report abuse