Abstract
Objectives: Risk Management has been recognized as a critical issue in computer infrastructures, especially in medium to large scale organizations and enterprises. The goal of this research report is to provide a practical comprehensive virtual machine based framework for assessing the performance of vulnerability scanners applied to such enterprises, focused to small and medium size ones towards a risk evaluation analysis. Moreover, the purpose of this paper is to compare three of the most well-known free vulnerability scanners (Nessus, OpenVAS, Nmap Scripting Engine) with regards to how they can be used to systematise the process of Risk Assessment in an enterprise, based on the herein presented experimental evaluation framework involving virtual machine testing. Method: The proposed methodology is based on developing a framework for suitable setup and usage of virtual machines making risk analysis practical and being capable of comparing different vulnerability scanners. Findings: The herein developed framework is shown to be efficient with regards to comparison and selection of candidate risk analysis software with easily accessed and affordable infrastructure. Novelty: Although there might be few other similar comparisons of vulnerability scanners in the literature, the main herein contribution is the provision of a practical and above all easily reproducible framework for small business enterprises to establish proper selection procedures of such security software without spending a lot of money for expensive testing infrastructure. Keywords: Vulnerability Scanning; risk assessment; nessus; OpenVAS; Nmap scripting engine
Highlights
Introduction and Related WorkA vulnerability scanner is a software application that evaluates security vulnerabilities in networks or host systems and reports a set of scan results
Since all three vulnerability scanners we are examining offer the ability to create custom tests and reports using powerful scripting languages (NASL for Nessus and OpenVAS and LUA for Nmap Scripting Engine (NSE)) it is worth examining the capabilities of these scripting languages to create custom scripts that receive external input, process it along with existing vulnerability scanning tests and produce a custom report that is understandable from non-technical managers following the steps of risk assessment described earlier
Nessus Attack Scripting Language (Nessus and OpenVAS) Nessus Attack Scripting Language (NASL) was developed for the Nessus security scanner and since OpenVAS branched out of the open source version of Nessus its scripts are built on NASL too
Summary
A vulnerability scanner is a software application that evaluates security vulnerabilities in networks or host systems and reports a set of scan results. Those vulnerabilities can be software bugs and backdoors, missing OS patches, insecure configurations and vulnerable ports and services (1). It allows early detection of known security problems but by itself it isn’t the perfect solution for the protection of the network because it can only provide a snapshot of the state of the security of a network when each scan is concluded. A way to aggregate the results of vulnerability scanning to produce an overall report for the security of the system would be very useful to the security specialists to monitor the state of the network and where, as well as the priority of actions that need to be taken.(1,2)
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
