150 likes | 161 Views
GFI LANguard. CIS 460 – Network Design Seminar. Network Security Scanner Tool. GFI LANguard. OVERVIEW Network Security Scanner (N.S.S.) checks network for all potential methods that a hacker might use to attack it.
E N D
GFI LANguard CIS 460 – Network Design Seminar Network Security Scanner Tool
GFI LANguard OVERVIEW • Network Security Scanner (N.S.S.) checks network for all potential methods that ahacker might use to attack it. • By analyzing the operating system and the applications running on yournetwork, identifies possible security holes. CIS 460 - Oscar Vazquez
Scanned Vulnerabilities • Servicepack level & security patches • Windows NT/2000/2003/XP • Microsoft Office • Microsoft Exchange Server • Microsoft SQL Server • virus updates or client software deployment • Open shares • administrative and printer shares (C$,D$, ADMIN$) • shows you who has access to the share. • Open ports • Port-scanning engine, allowing you to scan your network • TCP/IP and UDP • Services • Identifies well-known services (www / FTP / telnet / SMTP... ) CIS 460 - Oscar Vazquez
Scanned Vulnerabilities (Cont…) • Applications • Deploy 3rd party software or patches network-wide • Update custom or non-Microsoft software • Virus updates • Checks for programs that run automatically (potential Trojans) • Key registry entries • Security auditing policies • Start up • Log system • Weak passwords • Maximum password age • Password history • Minimum password length CIS 460 - Oscar Vazquez
Basic Settings and Use CIS 460 - Oscar Vazquez
Scanned Results Nodes by IP HTML Report Comparisons
Basic Settings and Use CIS 460 - Oscar Vazquez
HTML Report CIS 460 - Oscar Vazquez
Basic Settings and Use CIS 460 - Oscar Vazquez
Basic Settings and Use CIS 460 - Oscar Vazquez
Practical Demo • LAB Setting • Windows 2000 is installed from scratch on the Target box • LANGUARD app. is installed on Administrator machine • Both PCs are connected to the same network segment • Run on Target NSS Tool just after W 2000 installation • Create a Report • Applied parches • Applied security policies • Shutdown ports and services • Password settings CIS 460 - Oscar Vazquez
Practical Demo (Cont…) • After complete the OS Hardening • Run NSS Tool on Target machine Again • Create a HTML report CIS 460 - Oscar Vazquez
Practical Demo Conclusion • The initial operating system installed showed many vulnerabilities. • The computer could be very easy compromised by a hacker. • LANGuard is an excellent tool to test the security level of an entire network of computers. • Lots of vulnerability can easily be fixed updating software applications and the operating system • In addition to maintain the system up-to-date, is mandatory the execution of operating system hardening to customize the security level of the computer according to the level of the preferred functionality. CIS 460 - Oscar Vazquez
LANGuard Features review… • Network-wide patch management • Check for unused user accounts on workstations • Audit your network for security vulnerabilities • Detect unnecessary shares, open ports & unused user accounts on workstations • Check for and deploy missing security patches & service packs in OS & Office. • Automatically alerts new security holes • Price $495 for 100 IPs, $995 for unlimited IPs. CIS 460 - Oscar Vazquez
LANGuard Questions…?? CIS 460 - Oscar Vazquez