200 likes | 402 Views
Shadow Security Scanner. Li,Guorui. Introduction. R emote computer vulnerabilities scanner R uns on Windows Operating Systems SSS also scans servers built practically on any platform O ver 2000 security audits L atest edition (V.7.25). Features. Easy used wizard Complete Scan
E N D
Shadow Security Scanner Li,Guorui
Introduction • Remote computer vulnerabilities scanner • Runs on Windows Operating Systems • SSS also scans servers built practically on any platform • Over 2000 security audits • Latest edition (V.7.25)
Features • Easy used wizard • Complete Scan • Full Scan • Quick Scan • Only NetBios Scan • Only FTP Scan • Only HTTP Scan
Ease of use cont’ • Build-in modules
Flexible scanning • add a range of hosts
Flexible scanning cont’ • Scheduler
Up-To-Date Security Vulnerability Database • Automatic updates • BaseSDK • C++ Programming SDK
DoS Checker • Denial of Servicecheck • DoS checker for HTTP, SMTP, FTP, POP3 and IMAP protocols
Multiple Report Format • SSS offersscanned session login XML, PDF, RTF and CHM (compiled HTML) formats
Testing Environment • Test was done in a home network (Windows) Source computer: jesse (192.168.1.93) Target computers: jesse (192.168.1.93) lisaliu (192.168.1.92) tony (192.168.1.152)
TCP Port: 21 (FTP), 22 (SSH), 23(TELNET), 25(SMTP),53(DOMAIN),79(FIGER),80(WWW-HTTP),113(IDENT),119(NNTP),135(PRC-LOCATOR),139(NETBIOS-SSN),143(IMAP),389(LDAP),445(MICROSOFT-DS)
Audits: 19 categories in total of 2532 audits are perform during this test
Results • Shadow Security Scanner took about 7 minutes • SSS has gone through all the modules, 14 ports and 2532 audits for each of the computers on the host list. • Lower than 30 percents of CPU usage
Conclusion • real commercial security scanner • user friendly interface • expendable vulnerabilities database • flexible scanning and reports