Welcome back to the savory course in building. You're in for a sec lap. I'm your host and instructor, Kevin Hernandes.
Their last month we started integrating lock sources into curator till we are precise will integrate a p of sense in curator. We also create a custom properties and cuffs on the ISM in order to correlate evens in sai curator with this new lock sources,
if you also recall correctly prior in the HQ lesson and the classes
we actually installed expose in our lamb environment. However, we didn't get too far with it up to the activation point. Only
in today's lesson, we're actually gonna have an introduction into next post. No, let's get started
now. It's useful. Earlier, One of the things next vote will continue to ask over and over again
is toe activation. Or like whisky.
You received an E mail, such as the one scene in the left side of the screen with your product key.
input key into our product.
You can see it's currently in the activation process screen itself. Look at you stuck. However, if you refresh the page,
you will see that you can now successfully navigate
to next pose with no issues
now in order to do a skin
a little acid space. Very year monitor. Looking at him
in here, you need to create a site.
Let's say, my network.
It just can't be left blank for now.
Let's go ahead of assets, and here you'll put the range of the
I piece you want to cover in a skin. You want to scan your home network,
for example, in type 192.168
and hit a coma, and you can see it actually cover all of them.
Now, if you want a target specific eyepiece, let's let's just say
you can actually type V. I. P s such a head coma.
However, I was gone the whole network
afterwards. You have authentication
here. You can put credentials
in case you have, like some type of domain access
or the Minutemen. Here's where you can put those credentials in order to have more privileged levels
On the next step is the template. This is what type of scanned you want to run a full audit? What Web spider is probably one of the most complete scans there are.
However, if you want to target something specific, like HIPPA,
you're welcome to do so. You just want to say what's in the network, even also something Discovery. Skin. However, let's just go full audit without whips. Fighter.
Here, you can pick how many hosts you want to utilize to perform the skin. In this case, since we have only one device will keep its local scan. Engine
alerts are basically some type of reconfigure parameter, such as scan started scan ends, whoever did he discover et cetera that you can configure and program and, for example, since email to you or shows a notification to make you aware that something's going on
on the last episode schedule schedule is basically when do you want us to run? Do you want to run automatically?
Do you want to run later on after hours and didn't just come to create schedules? And here you can set the parameters. I went this gun.
One of the good things about schedules is if you go really into details, you can actually create blackouts a swell.
For example, Paul, a scan during business hours.
However, in this case, I'm gonna go ahead and safe and skin. So it's skansen Magritte. Right now
my skin, the network
now a skin comtech. Anywhere from within a few minutes to a few days or more.
It all depends in amount of assets and the type of scan that you're performing.
So this is a type of thing that if you're running the whole something, that and you have several devices,
it's better just to let it run.
start developing and networking a little better
continue enhancing those diagrams and then eventually come back and see the results. You can see it. Actually, Detective 18 answer to curently and insists it supposedly 34 hours have passed. Even though
It's around 30 minutes in. You're gonna see that nine of the computers have been completed
and I'm still active skin, right?
Yes. You can see right here and completed assets. You have a general orb. You off Sarah Lynn. ICS devices a solace. Windows, devices. Right.
You can see how long this can took on the fifties
and as the video for grasses you can see the *** is being added.
Actually, if you pay close attention,
this asset over here that I just mark appears to have deniable no abilities, and so is this one. So obviously we have to look into those most likely these r i o t. Devices. You can see it's Lennox
and therefore, those don't have too much support from the vintner in.
We have to make sure we have additional controls that we can
established maybe through villains, maybe through far old etcetera, to control and make sure
these devices are secure. Right,
Houston, this If you look at this, this is news from 2016 where, you know, basically hack coyote devices, a leech, a record. DDOS made him write that back then. Right? So basically, you know, I owe teas are more of a convenience. They don't really think about much regarding security,
especially if it's Indy or a new product for most small company, Right?
I remember one of the vendors I talked to regarding cameras. They promote security features in the product,
and I actually approached them and said, Hey, what kind of house. A curious is What is it? Something special's on top of encryption. And they told me No, it's a little blue led that blinks. If
somebody walks into the room while the alarmists activated
and I'm going like a house on a security feature, write me thinking physical security.
Maybe for that it was more of a deterrent that they see activity and they walk away.
Yes, we reached a 45 minute mark.
You can see that now. Only one system is spending to complete the skin.
Now, let's go ahead and take a look into one of the devices with formalities.
Go ahead and click on it.
You know you got the offering system. The AP.
Ah, the last Cantone right there. Risk or now context driven. Underscore. This is basically their way to saying
you have this woman ability and it's this old and that way, you know, it kind of increases right
de severity. So as you can see down here,
one. They're really just apply to it. You can see they're from 2017
you think most of them aren't regarding D n s
right? Hey, Buffer. Awful abilities in secret on the flow flaw leading to buffer overhead. So it's buffer overflows. You know, these nest servers a lot of cash snooping.
So if you want to get more details right,
other than the severity ease and how many times have been detected, you can always click.
and you get a little more information on it, right? Actually say when it's polished. When it was modified, the actual score
categories of it, right, mon execution. So, yes, somebody can actually control this device depending on what it is ready. It's also a very dependent on
what type of resource is it has. So we gotta be a little bit aware of that
in right here, actually says what it says. It can crash it
and it can actually do execute arbitrary. Could be, ah, crafted PT six And as you see is basically the N s mass before 2.78 So the way to fix this in theory will be to update
you're Deanna's mask 22.78
and let's go here as well
you get actually got a little war details on them.
And here you have to actually mediation down the most recent sting operation of the in its mass. From here
right now, here's the thing. Like I said, this could most likely area I ot
like I stated earlier. You know, if you click in those taps,
you have a little more information here from both Google
and missed the infinite ability to database
All right here because it's very high.
If you go back to the assets patient of the scan is finish,
general over. Be right
off the environment. First of all, it gives you daemon assistance by operating system
keeps you also the, uh, exploit o assets that skill level. So even now, this Lennox right with nine vulnerabilities,
um, it's a high risk, right? You can also see that the amount off level that it's required expert level for those assets.
Now, you see also on the system such as X X, I having four
when those seven haven't won and pf sense, for example, having to know it's not necessarily something bad, right?
Some of these could be recently released and therefore not necessarily patch.
but it is what it is, Right.
Says you can see here
looking at the PFC. I'm sorry. Yes, I signed now and you can see it's sort of sits. Forget it. Error. Obviously we've been installing the certificate.
A friend from work until that Have sampling, right. Andy s vulnerability. So it's it's
Some residual memory owned for some micro processing intelligence. Franklin speculating execution may allow on on all dedicated user to potentially anyone Information disclosure by a side channel with local axis.
you know how to mitigate it again. You can scroll down
basically download an upgrade, as you can see always right.
Most of these vulnerabilities are taking care of upgrades
and give or take. That's really want.
Next pose is used for, um, you know, scans the acids,
provides your report.
kind of patch those holes and make a more secure environment.
What they will learn today. We actually run at Vella Lividity scan. A non network went next. Folks were able to identify several systems, had flaws with thin.
The own architectural environment patches that Sarah
we will have to work close in order to Protect Arts Network properly for these devices
in the next lesson will actually do a course review.
Hope to see you since I have a great day.