1 gfi languard network security scanner. 2 contents introduction features source & installation...
TRANSCRIPT
1
GFI LANguard Network Security Scanner
2
Contents
Introduction Features Source & Installation Testing environment Results Conclusion
3
Introduction
Importance of Network security Internal SecurityExternal Security
Purpose of GFI LANguard Enable Network admins to perform
Security audit Remote system analysis
4
Features
Security Audit Results in a verbose
manner Flexible scanning
Scan one computer Scan range of computers Scan list of computers Domain specific scan
5
Features (Cont…)
System detection SNMP , NETBIOS
queries , Ping Sweep
Configuring ports for port scan
6
Features (Cont..)
Enumeration of entry pointsSNMP holesCGI holesOpen sharesRogue , Backdoor usersWeak network passwords
7
Features (Cont…)
AlertsWell known security problems are clearly
identified Intelligent scanning Listing of hot-fixes & service packs
8
Features (Contd..)
Remote Machine shutdown Exploitation of NetBIOS vulnerability Enabling auditing Sending spoofed messages Scheduling scans & automatic update of
scans Gathering information & displaying using
report generator
9
Features (Contd..)
Scripting Language: LANS: LANguard Scripting language GFI LANguard contains its own scripting
editorAllows users to create custom script which will
be executed on the remote host as when accessed
10
Features (Contd..)
Tools: SNMP Walk
By performing SNMP walk potential hackers or malicious users will get lot of information about the system
11
Features (Contd..)
Tools (Contd..) Trace route
DNS look up
12
Tools (Contd..) SNMP Audit
SNMP audit allows to detect weak community strings.
13
Tools (Contd..) MS-SQL Audit
14
Tools (Contd..) Enumerated
Computers
15
Source & Installation
Downloaded GFILANguard from www.gfi.com
Minimum requirements as set by vendorOS: Win 2000/2003/XP IE 5.1 +Client for Microsoft networks be installedNo personal firewall settings
16
Testing Environment
Setting options:
17
Testing Environment (Contd..)
18
Testing Environment (Contd..)
19
Results
Source IP address : 137.207.234.120 CASE -1 :
Destination IP: 137.207.234.138 Scan parameters: As specified earlier
20
21
Results (Contd..)
CASE –II : SunSolaris
22
Results (Contd..) Script execution:
hostname = "agardel2" # my desktop computer
// name of the system from which the script is running
ip = dnslookup(hostname) // using the function dnslookup if ip <> "" echo("hostname: " + hostname) echo("resolved as: " + ip, _color_blue) # now backwards:) hostname = ReverseDnsLookup(ip) if hostname <> "" echo("back to: " + hostname,) end if else echo("unable to resolve " + hostname + " !", \ _color_red) end if
23
Conclusion
GFI LANguard is a very good tool in detecting and analysis of vulnerabilities User – defined Scripting language : LANSVerbose representation of DataGenerating Reports
24
References
www.gfi.com