Vulnerability Analysis of the Exposed Public IPs in a Higher Education Institution

Vulnerability Analysis of the Exposed Public IPs in a Higher Education Institution

연구 분야: Strategies

학회: ICCNS '20: Proceedings of the 2020 10th International Conference on Communication and Network Security

Public IP addresses from a private or public higher education institution receive large amounts of network traffic. However, the data network is vulnerable to the possibility of security attacks. This study develops a case in a practical way based in the use of the Advance IP Scanner and Shodan software tools, and following a methodology that consists of discovering an education institution IP network and scanning its hosts of interest to then find the security vulnerabilities of the main network addresses. From a statistical universe consisting of the entire range of IP addresses in the institution's network, a group of hosts of interest were defined as a sample set for further examination. On that base, the aim of this study is to analyze and classify the obtained vulnerabilities information by severity of the vulnerability for each found host using the described methodology, in order to obtain statistics at a host level and at the entire network level of the vulnerabilities by severity and quantity. It is concluded that most of the hosts have vulnerabilities in their Apache servers’ HTTP daemons, and they cause in a high percentage of them having vulnerabilities at the Critical level.