Task 8.2: Penetration Testing with Retina

Now that you have experienced Tenable Network Security’s Nessus vulnerability scanner, it is appropriate that you have an opportunity to evaluate the Retina security scanner by eEye. Retina is another full-featured scanner with the ability to scan an entire class-C network in less than 15 minutes. Most functions, scanning included, can be run from a nonadministrator account.

Scenario

Your manager has tasked you with evaluating Retina’s vulnerability scanner.

Scope of Task

Duration

This task should take about 15 minutes.

Setup

This task will require you to download and install Retina, a vulnerability scanner.

Caveat

Vulnerability scans can cause IDS/IPS devices and software to signal an attack; these false positives should be taken into consideration prior to scanning. Make sure that you have permission to run a vulnerability scan on any network that you do not own. Additionally, vulnerability scanners can cause systems to crash or hang, so you should always use caution.

Procedure

In this task, you will learn how to install and run Retina.

Equipment Used

For this task, you must have:

  • Two or more networked computers (at least one with a Windows OS)
  • An Administrator account
  • Internet access

Details

This task will show you how to install and run Retina. This program will allow you to scan networked systems for known vulnerabilities and security holes.

Scanning systems can sometimes cause problems or crashes; therefore, you may want to run such tests during non-peak production times.

1. Once you have accessed your Windows computer and logged in as Administrator, open your browser and go to www.brothersoft.com/retina-network-security-scanner-223041.html.

You can download the single-system trial version of Retina from this location. Once you’ve downloaded the program, execute it from the folder to which you saved it. This will start the installation process.

2. During the installation, you will be prompted to accept the licensing agreement and the program will have to reboot the system to complete the setup. After rebooting, the installation will complete and Retina will start.

3. Upon startup, Retina will launch a wizard that will ask you several questions and guide you through the scanning process. You will want to cancel out of the wizard and go directly to the Retina interface so that you can explore its features. Across the top of the screen you will see four tabs that describe Retina’s capabilities: Discover, Audit, Remediate, and Report.

4. On the Discover tab, enter the range of addresses for your local network. After doing so, select Options and ensure that all network-discovery options are checked.

5. Start the scan by clicking Discover. After a few minutes Retina should finish the scanning of your network. You will be provided with a list of discovered systems, their IP addresses, and the operating system versions they are running.

6. Choose the Audit tab. The Audit tab is used to detail the scan results from each scanned system. Once the scanning process has been started as described in the previous step, Retina looks for open ports and examines each one it discovers. At the completion of the audit, it gives a complete listing of the security vulnerabilities found.

7. Choose the Remediate tab. The Remediate tab is used to generate a remediation report. To generate the report, click the Generate button once and allow the program a few seconds to finish.

The easy part of vulnerability analysis is finding problems. The hardest work is in the process of assigning individuals the task of plugging each vulnerability that was discovered.

8. The final tab is the Report tab. This tab is used to generate the final report. Several options are available that allow you to simply summarize the findings or format the findings as an executive report. For this task, choose Executive from the Report Type drop-down and check all of the Report Section boxes.

Criteria for Completion

You have completed this task when you have downloaded Retina, installed it on a Windows system, and used it to perform a vulnerability scan on one or more systems.
