Ethical Hacking

Executive summary

This report documents a vulnerability assessment of a victim machine hosted in VMware, the snapshot named windows server 2008.vm. Task 1 covers the scanning methods applied (network-based, host-based and database scanning), the tools considered, and the three classes of vulnerability identified: network, operating system and process vulnerabilities. Task 2 applies the STRIDE risk assessment methodology to those vulnerabilities and formulates mitigation policies: limiting broadcast traffic against denial of service, monitoring the network for atypical activity and filtering packets against spoofing, enforcing encryption at rest and in transit against data tampering, restricting access to sensitive information against disclosure, and using digital signatures to manage the risk of repudiation.


Vulnerability assessment is the systematic review of the weaknesses in the security of an information system. Applied to the VMware files and the system of the victim machine, it identifies the components that are susceptible to a digital threat, estimates the risk that each weakness carries, and proposes strategies to mitigate it. Because the risk factors follow from the vulnerabilities found, the operator can also form a strategy to treat those risks.

Task 1

1. Scanning method and tool for Vulnerability Scanning for victim machine

A vulnerability scanner is an automated tool that lets the operator identify hosts and build an inventory of the victim machine. For each machine, the scanner attempts to detect the operating system and its version together with other details such as the user accounts and the open ports and the services listening on them.

With these scanners the operator obtains the essential information: the weaknesses within the virtual environment, the severity of the risk arising from each vulnerability, and the best-suited ways to mitigate it. As Shah et al. (2019) observe, an attacker works inward from the perimeter of the victim's system, so the sensitive data behind an exposed service is what is at risk. Port scanning is therefore the essential first step of the assessment: it enumerates the services an attacker would see, so that the ethical hacker can report them for hardening or closure before an intruder finds them.

Several scanning methods can be used on the VMware machine: network-based scanners, host-based scanners, wireless scanners, application scanners and database scanners. Since the assessment here is performed on a snapshot of a virtual machine of Vinstar Corporation, the network-based scanner, the host-based scanner and the database scanner are the methods applied. The victim machine of Vinstar Corporation runs Windows Server 2008 (the snapshot windows server 2008.vm), so combining network analysis with operating system analysis makes it easier to detect the vulnerabilities within the server environment.

According to Nguyen et al. (2021), the network scanner lets the operator scan the VMware machine for network vulnerabilities and identify unknown perimeter hosts and weak points within the system. According to Zhao et al. (2019), host-based scanners make it easier to find vulnerabilities within the operating system of the victim machine: weaknesses may be detected in servers, other network hosts and workstations, and the operator gains greater visibility of the configuration settings within the virtual environment. Similarly, a database scanner makes it easier to scan for and detect vulnerabilities in the processes and databases of the victim machine (Langone et al. 2017).

Figure 1: VMware workstation icon

Several tools can detect the network, operating system and process vulnerabilities within the victim machine, among them OpenVAS, Nikto2, OpenSCAP, Tripwire IP360 and Nexpose Community. Of these, Tripwire IP360 appears the most effective for this assessment, because besides detecting vulnerabilities across the network, the operating system and the processes it lets the operator track and manage the resulting security risks. Whichever tool is chosen, its starting point is the list of live hosts and open services that the port scan produces.

2. Three vulnerabilities and their explanation

With the application of these scanning methods and tools, three types of vulnerability have been identified within the victim machine: network vulnerability, operating system vulnerability and process vulnerability.

Network Vulnerability

According to Nguyen et al. (2021), a network vulnerability in the VMware environment is a weakness in hardware, software or organisational procedures that a cyber or digital threat can exploit. A threat that materialises within the network of the victim machine can result in a breach of the security of the machine or of the entire organisation. Network vulnerabilities can be divided into two groups, physical and non-physical (Chou and Jones, 2018). A non-physical vulnerability is a weakness in the data or software of the machine or the organisation, for instance an unpatched service listening on an open port. A physical vulnerability concerns the physical protection of an asset, such as securing the entry points to the location that hosts the server.

Operating System Vulnerability

As with the network, a major class of vulnerability resides in the operating system of the victim machine. An operating system vulnerability is an error in the logic or code of the operating system that an attacker can exploit, typically in the window before the vendor ships and the operator applies a fix (Harrell et al. 2018). The classic Windows worms illustrate the point: Nimda and Aliz spread through e-mail messages handled by Outlook (Nimda also exploited IIS and open file shares), while Sasser, CodeRed, Lovesan (Blaster) and Slammer each exploited a flaw in a Windows service, respectively LSASS, IIS, the RPC DCOM interface and SQL Server. Because the victim machine runs Windows Server 2008, such Windows-specific flaws, not Linux ones, are the relevant concern, and exploiting one of them inside a VMware guest compromises that guest regardless of the hypervisor.

Process Vulnerability

A process vulnerability is a weakness in the vulnerability management process itself, that is, in the identification, evaluation, treatment and reporting of security issues for the victim machine (Khera et al. 2019). When this process fails, the software running on the victim machine accumulates unaddressed technical weaknesses, which gradually compromise the sensitive data and information it holds. In the VMware environment the same gap extends to the management plane: an unpatched or misconfigured vCenter Server impairs its functionality and exposes the virtual infrastructure it manages (Vakili and Hamidi, 2018).

Task 2

1. Risk assessment methodology

For VMware software, security risks are reported through the VMware Security Response Center (VSRC), where customers, researchers, partners and other external stakeholders report vulnerabilities in VMware products. Within a vulnerability assessment, risk assessment is crucial because it supports compliance with legal requirements and disaster management. The risk assessment procedure within vulnerability management is therefore the process of identifying, quantifying, prioritising and ranking the vulnerabilities present in the system.

To assess the risks arising from the vulnerabilities detected in the victim VMware machine, the STRIDE methodology has been adopted. STRIDE is an approach for identifying the potential threats to a system; it was devised by Praerit Garg and Loren Kohnfelder in 1999 (Muntoni et al. 2019). The name is a mnemonic for the six categories of threat: Spoofing, Tampering, Repudiation, Information disclosure, Denial of service and Elevation of privilege (Khan et al. 2017).

Each category is the violation of one security property: spoofing violates authentication, tampering integrity, repudiation non-repudiation, information disclosure confidentiality, denial of service availability and elevation of privilege authorisation. Because each of the network, operating system and process vulnerabilities found in Task 1 can be expressed as one or more of these threats, STRIDE is effective against all three, and violations of these properties for sensitive data become easy to detect. STRIDE itself only identifies and classifies the threats; the mitigation of the vulnerabilities follows from the policies formulated against each category in the next section.


Figure 2: Risk Assessment Procedure


(Source: Muntoni et al. 2019)
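As an added example, not from the report or from the cited papers, the following Python block carries the four steps named above (identification, quantification, prioritisation and ranking) through the STRIDE-per-element method: each element of an assumed data-flow model of the assessed environment (operator workstation, the Windows Server 2008 guest, vCenter Server, the datastore and the flows between them) receives the STRIDE categories that apply to its element type, each threat is scored as likelihood times impact, and the result is ranked. The element list, the impact scores and the likelihood rule are assumptions made for the illustration, not findings of the report.

```python
"""STRIDE-per-element risk assessment for the assessed VMware environment.

Added example for this report, not part of the original text. The mapping
from element type to STRIDE categories is the standard STRIDE-per-element
table; the element list, impact scores and likelihood rule are assumptions.
"""
from dataclasses import dataclass

# Security property each STRIDE category violates.
PROPERTY = {
    "S": "authentication",
    "T": "integrity",
    "R": "non-repudiation",
    "I": "confidentiality",
    "D": "availability",
    "E": "authorisation",
}

# STRIDE-per-element: which categories apply to which element type.
APPLICABLE = {
    "external_entity": "SR",
    "process": "STRIDE",
    "data_store": "TRID",
    "data_flow": "TID",
}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str                       # a key of APPLICABLE
    impact: int                     # 1 (low) .. 5 (high), assessor's estimate
    crosses_boundary: bool = False  # flow crosses a trust boundary


# Assumed model of the assessed environment (not a diagram from the report).
MODEL = [
    Element("operator_workstation", "external_entity", impact=3),
    Element("win2008_guest", "process", impact=5),
    Element("vcenter_server", "process", impact=5),
    Element("vm_datastore", "data_store", impact=5),
    Element("rdp_operator_to_guest", "data_flow", impact=4, crosses_boundary=True),
    Element("mgmt_vcenter_to_esxi", "data_flow", impact=5, crosses_boundary=True),
]


def enumerate_threats(elements):
    """Identification: every applicable STRIDE category for every element."""
    threats = []
    for el in elements:
        if el.kind not in APPLICABLE:
            raise ValueError(f"unknown element kind {el.kind!r} for {el.name}")
        for cat in APPLICABLE[el.kind]:
            threats.append({"element": el.name, "category": cat,
                            "property": PROPERTY[cat]})
    return threats


def likelihood(element):
    """Quantification rule (assumed): boundary-crossing flows are more exposed."""
    return 4 if element.crosses_boundary else 2


def assess(elements):
    """Quantify, prioritise and rank: risk = likelihood x impact, highest first."""
    by_name = {el.name: el for el in elements}
    ranked = []
    for t in enumerate_threats(elements):
        el = by_name[t["element"]]
        ranked.append({**t, "risk": likelihood(el) * el.impact})
    ranked.sort(key=lambda t: (-t["risk"], t["element"], t["category"]))
    return ranked


if __name__ == "__main__":
    for t in assess(MODEL):
        print(f'{t["risk"]:>3}  {t["element"]:<24} {t["category"]}  ({t["property"]})')
```

The STRIDE-per-element table (external entities: S and R; processes: all six; data stores: T, R, I and D; data flows: T, I and D) is the standard one; what changes between assessments is the model and the scores, which is why they are kept in data rather than in code. With the assumed scores the management flow between vCenter Server and the host ranks first, which matches the process vulnerability discussed in Task 1.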

2. Formulation of policy in mitigating/preventing the selected vulnerability

After assessing the risks arising from the detected vulnerabilities, it is important to develop risk mitigation policies. These risk mitigation or prevention policies may include:

  • To prevent the risk of denial of service (DoS), limit the broadcasting of files and information that contain sensitive data, and expose on the victim machine only the services it needs, so that less is available to flood.
  • To prevent the risk of spoofing, monitor the network of the system for atypical activity so that IP spoofing is noticed, and deploy packet filtering that drops packets whose source address does not belong on the interface they arrive on.
  • To mitigate the risk of data tampering within the victim machine, enforce encryption of data at rest and of data in transit. Copy-on-write file systems with snapshots also reduce the risk, since a tampered file can be compared with, or rolled back to, an earlier snapshot.
  • To reduce the risk of information disclosure, limit access to sensitive data and information to a very small set of users.
  • To mitigate the risk of repudiation, use digital signatures for any online transaction of the organisation, so that the originator cannot later deny it.
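As an added example, not part of the report, the following Python block makes the packet-filtering and monitoring policy against spoofing concrete: it applies BCP 38 style ingress and egress filtering to a constructed capture and then reports sources whose repeated drops count as atypical activity. The address plan (victim network 192.168.56.0/24), the interface names, the alert threshold and the sample packets are assumptions for the illustration.

```python
"""Ingress/egress filtering against IP spoofing, plus an atypical-activity check.

Added example for this report, not part of the original text. A packet
entering on the external interface must not claim an internal or reserved
source address; a packet leaving through the internal interface must carry an
internal source address. Prefixes, interface names, threshold and the sample
capture are assumptions.
"""
import ipaddress
from collections import Counter

# Assumed address plan: the victim machine sits in 192.168.56.0/24.
INTERNAL_NETS = [ipaddress.ip_network("192.168.56.0/24")]

# Source addresses that are never legitimate when arriving from outside.
RESERVED_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16",
)]

# More than this many drops from one source in a capture counts as atypical.
ALERT_THRESHOLD = 3


def _in_any(addr, nets):
    return any(addr in net for net in nets)


def filter_packet(iface, src):
    """Return ('accept' | 'drop', reason) for a packet with source src seen on iface."""
    src_ip = ipaddress.ip_address(src)
    if iface == "ext":
        if _in_any(src_ip, INTERNAL_NETS):
            return "drop", "internal source address arriving from outside"
        if _in_any(src_ip, RESERVED_NETS):
            return "drop", "reserved source address arriving from outside"
        return "accept", "ingress ok"
    if iface == "int":
        if not _in_any(src_ip, INTERNAL_NETS):
            return "drop", "non-internal source address leaving the internal network"
        return "accept", "egress ok"
    raise ValueError(f"unknown interface {iface!r}")


def audit(packets):
    """Apply the filter to a capture of (iface, src, dst); report drops and noisy sources."""
    drops = []
    per_source = Counter()
    for iface, src, dst in packets:
        verdict, reason = filter_packet(iface, src)
        if verdict == "drop":
            drops.append((iface, src, dst, reason))
            per_source[src] += 1
    atypical = sorted(s for s, n in per_source.items() if n > ALERT_THRESHOLD)
    return {"drops": drops, "atypical_sources": atypical}


# Constructed capture: (interface, source, destination).
SAMPLE_PACKETS = [
    ("ext", "203.0.113.7", "192.168.56.101"),    # legitimate inbound
    ("int", "192.168.56.101", "203.0.113.7"),    # legitimate outbound reply
    ("ext", "192.168.56.50", "192.168.56.101"),  # spoofed internal source
    ("ext", "10.9.8.7", "192.168.56.101"),       # reserved source from outside
    ("int", "198.51.100.9", "203.0.113.7"),      # spoofed source leaving
] + [("ext", "192.168.56.1", "192.168.56.101")] * 4  # repeated spoofing attempt


if __name__ == "__main__":
    report = audit(SAMPLE_PACKETS)
    for iface, src, dst, reason in report["drops"]:
        print(f"drop {iface} {src} -> {dst}: {reason}")
    print("atypical sources:", report["atypical_sources"])
```

The filter alone prevents the spoofed packets from reaching the victim machine; the counter on top of it is the monitoring part of the policy, since a source that keeps producing dropped packets is the atypical activity an operator should investigate.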


To conclude, vulnerability is the crucial aspect of exposure to digital threats, so it is essential to protect the VMware files and software from each class of vulnerability. Various methods and tools can be applied to detect these vulnerabilities within the environment and to assess the probable risk factors, and with a proper risk assessment methodology such as STRIDE, policies can then be formed to mitigate or reduce those risks.

Reference List

Affia, A.A.O., Matulevičius, R. and Nolte, A., 2020. Security risk management in e-commerce systems: a threat-driven approach. Baltic Journal of Modern Computing, 8(2), pp.213-240.

Chou, T.S. and Jones, J., 2018, September. Developing and evaluating an experimental learning environment for cyber security education. In Proceedings of the 19th Annual SIG Conference on Information Technology Education (pp. 92-97).

Harrell, C.R., Patton, M., Chen, H. and Samtani, S., 2018, November. Vulnerability assessment, remediation, and automated reporting: Case studies of higher education institutions. In 2018 IEEE International Conference on Intelligence and Security Informatics (ISI) (pp. 148-153). IEEE.

Khan, R., McLaughlin, K., Laverty, D. and Sezer, S., 2017, September. STRIDE-based threat modeling for cyber-physical systems. In 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe) (pp. 1-6). IEEE.

Khera, Y., Kumar, D. and Garg, N., 2019, February. Analysis and impact of vulnerability assessment and penetration testing. In 2019 International Conference on Machine Learning, Big Data, Cloud and Parallel Computing (COMITCon) (pp. 525-530). IEEE.

Langone, M., Setola, R. and Lopez, J., 2017, July. Cybersecurity of wearable devices: an experimental analysis and a vulnerability assessment method. In 2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC) (Vol. 2, pp. 304-309). IEEE.

Muntoni, F., Desguerre, I., Guglieri, M., Osorio, A.N., Kirschner, J., Tulinius, M., Buccella, F., Elfring, G., Werner, C., Schilling, T. and Trifillis, P., 2019. Ataluren use in patients with nonsense mutation Duchenne muscular dystrophy: patient demographics and characteristics from the STRIDE Registry. Journal of Comparative Effectiveness Research, 8(14), pp.1187-1200.

Nguyen, S.D., Mimura, M. and Tanaka, H., 2021. SVTester: Finding DoS vulnerabilities of virtual switches. Journal of Information Processing, 29, pp.581-591.

Shah, M., Ahmed, S., Saeed, K., Junaid, M. and Khan, H., 2019, January. Penetration testing active reconnaissance phase: optimized port scanning with nmap tool. In 2019 2nd International Conference on Computing, Mathematics and Engineering Technologies (iCoMET) (pp. 1-6). IEEE.

Vakili, R. and Hamidi, H.R., 2018. Vulnerability assessment and penetration testing of virtualization. OIC-CERT Journal of Cyber Security, 1(1), pp.14-21.

Zhan, D., Ye, L., Zhang, H., Fang, B., Li, H., Liu, Y., Du, X. and Guizani, M., 2018. A high-performance virtual machine filesystem monitor in cloud-assisted cognitive IoT. Future Generation Computer Systems, 88, pp.209-219.

Zhao, H., Zhang, Y., Yang, K. and Kim, T., 2019. Breaking turtles all the way down: An exploitation chain to break out of VMware ESXi. In 13th USENIX Workshop on Offensive Technologies (WOOT 19). USENIX Association.