New Tests - January
This month's implemented test:
Test requirements
- Can be done from a single computer
- We can expect to get similar results on similar systems in the organization.
- Does not need special software or hardware
Assess density of listening services in network
CIS 9: Limitation and Control of Network Ports, Protocols, and Services
From: Brice
Implemented in platform:
When it comes to listening services in the client network, I like to run a tight ship. We had an attacker in our network that was able to pivot wayyy too easy because our users stood up any server they wanted. Not anymore. The command below allows you to quickly see if there are any services that are anomalies in your network.
Manual test:
```
# From a computer on the network:
# open a cmd prompt, then simply run:
$ nmap -Pn --top-ports 100 192.168.0.0/24 -oG result
# This will write the output to a file "result"

# Then count the number of services and sort by highest occurrence.
# The pattern is quoted so the shell cannot expand it, and allows
# 5-digit port numbers; -rn sorts the counts numerically.
$ cat result | grep -i open | grep -oE '[0-9]{1,5}/open' | sort | uniq -c | sort -rn
53 22/open
53 443/open
1 21/open <- anomaly
1 3389/open <- anomaly
```
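The one-liner above counts ports but drops the host addresses, so the next question is always which machine owns the anomaly. The following is an added example, not part of Brice's test or the platform: it parses the same grepable `result` file and lists the hosts behind each rare port. The function names, the `max_hosts` cutoff and the sample scan lines are assumptions constructed for illustration.

```python
import re
import sys
from collections import defaultdict

# Constructed sample of `nmap -oG` output (not from a real scan).
SAMPLE = (
    "# Nmap scan initiated as: nmap -Pn --top-ports 100 -oG result 192.168.0.0/24\n"
    "Host: 192.168.0.10 ()\tStatus: Up\n"
    "Host: 192.168.0.10 ()\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///\tIgnored State: closed (98)\n"
    "Host: 192.168.0.11 ()\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///, 8080/filtered/tcp//http-proxy///\n"
    "Host: 192.168.0.12 ()\tPorts: 21/open/tcp//ftp///, 22/open/tcp//ssh///, 443/open/tcp//https///\n"
    "Host: 192.168.0.13 ()\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///, 3389/open/tcp//ms-wbt-server///\n"
)

def hosts_by_port(grepable_text):
    """Map (port, proto) -> set of hosts where nmap reported the port open."""
    ports = defaultdict(set)
    for line in grepable_text.splitlines():
        m = re.match(r"Host: (\S+).*?\tPorts: ([^\t]*)", line)
        if not m:
            continue  # comment lines and "Status:" lines carry no port list
        host, entries = m.groups()
        for entry in entries.split(","):
            fields = entry.strip().split("/")
            # Exact match on the state field skips closed, filtered and open|filtered.
            if len(fields) >= 3 and fields[1] == "open":
                ports[(int(fields[0]), fields[2])].add(host)
    return ports

def anomalies(ports, max_hosts=1):
    """Ports open on at most max_hosts hosts (assumed cutoff), rarest first."""
    rare = [(port, proto, sorted(hosts))
            for (port, proto), hosts in ports.items()
            if len(hosts) <= max_hosts]
    return sorted(rare, key=lambda r: (len(r[2]), r[0]))

if __name__ == "__main__":
    # Pass the nmap output file as the first argument; falls back to the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for port, proto, hosts in anomalies(hosts_by_port(text)):
        print(f"{port}/{proto} open on {len(hosts)} host(s): {', '.join(hosts)}")
```

Raise `max_hosts` on larger subnets, where a service running on two or three machines is still worth a look.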
Automated - Using our platform: