![Page 1: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/1.jpg)
Retina Network Security Scanner
By
Ajith U Kamath
60-564 Project
![Page 2: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/2.jpg)
AGENDA
• Introduction
• Installation procedure
• Features
• Test cases and results
• Points noted during testing
• Conclusion
![Page 3: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/3.jpg)
INTRODUCTION
Importance of Network Security Scanner
Retina Network Security Scanner
![Page 4: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/4.jpg)
INSTALLATION
System Requirements
Download from http://www.eeye.com/html/products/retina/download/index.html
Install
![Page 5: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/5.jpg)
FEATURES – Retina Session
![Page 6: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/6.jpg)
FEATURES (Cont…)
Discover Tab
Discover network machines
Customizable TCP, UDP, and ICMP discovery, OS detection, and general machine information
Retina can also be configured to discover active wireless devices
Additional IP’s with Retina licenses on the network
![Page 7: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/7.jpg)
FEATURES (Cont…)
Target Types
![Page 8: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/8.jpg)
FEATURES (Cont…)
Audit Tab
![Page 9: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/9.jpg)
FEATURES (Cont…)
Modifying the Port Groups
• All Ports
• Discovery Ports
• HTTP Ports
• NetBIOS Ports
• Custom Ports added
![Page 10: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/10.jpg)
FEATURES (Cont…)
Modifying Audit Groups All Audits
SANS20 [All]
SANS20 [Unix]
SANS20 [Windows]
Custom Audit Groups
![Page 11: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/11.jpg)
Remediate Tab Generate reports used in remediation
management
Create customized reports
FEATURES (Cont…)
![Page 12: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/12.jpg)
FEATURES (Cont…)
Configurations pane
Scan Jobs
Results
![Page 13: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/13.jpg)
Report Tab Detailed information gathered by the
scanner
Customized reports
Report can be opened in MS Word or Internet Explorer
FEATURES (Cont…)
![Page 14: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/14.jpg)
Network Configuration
TEST CASES AND RESULTS
Switch -1 Switch -2
137.207.234.57IBM Server
Red Hat Linux
`
137.207.234.119 Dell MachineWindows XP
`
137.207.234.151Windows 2000 Professional
100Mbps link
137.207.234.56IBM ServerWindows Server 2003
![Page 15: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/15.jpg)
TEST CASES AND RESULTS
Test Case One Aim: To scan the ports on the windows
server.
Description: To run the complete scan of all the ports on the windows server.
Test Result: Passed
![Page 16: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/16.jpg)
TEST CASES AND RESULTS
![Page 17: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/17.jpg)
TEST CASES AND RESULTS
Test Case Two Aim: To scan the Red Hat Linux server and
match the result with other security tool.
Description: By comparing the result with other network security tool like GFI LANguard we can actually check whether the result produced by Retina Scanner is proper or it lacks in giving some information.
Test Result: Failed.
![Page 18: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/18.jpg)
TEST CASES AND RESULTSThe result obtained from Retina
![Page 19: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/19.jpg)
TEST CASES AND RESULTSThe result obtained from GFI LANguard
![Page 20: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/20.jpg)
TEST CASES AND RESULTS
Test Case Three Aim: To test whether retina network scanner will detect
the users weak passwords Description: The user account in question could have a
password that is exactly the same as the account name except for it is backwards. Therefore an attacker could easily guess this password and gain access to your system via this account and then further their access into your network.
Test Condition: Created a user account ‘kamath’ with password as ‘htamak’ i.e. opposite to the user login name on 137.207.234.151 machine.
Test Result: Passed
![Page 21: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/21.jpg)
TEST CASES AND RESULTS
![Page 22: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/22.jpg)
TEST CASES AND RESULTS
Test Case Four Aim: To test the windows server 2003 for
CVE-2000-1200.
Description: Windows NT allows remote attackers to list all users in a domain by obtaining the domain security identifier (SID) with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users.
Test Result: Passed
![Page 23: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/23.jpg)
TEST CASES AND RESULTS
![Page 24: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/24.jpg)
POINTS NOTED DURING TESTING
The results were not consistent in few test cases. The following diagrams shows while the network is discovered using the software.
![Page 25: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/25.jpg)
POINTS NOTED DURING TESTING
In the following diagram, the Mac address for machine 137.207.234.151 is not displayed.
![Page 26: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/26.jpg)
POINTS NOTED DURING TESTING
When the same machine is discovered again, Mac address is displayed.
![Page 27: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/27.jpg)
POINTS NOTED DURING TESTING
The software was unstable during testing. When the link connecting to the destination went down while the retina was still scanning the machine, scanner hanged. The scanner was not responding for any commands. But the problem could not be reproduced when tested under the same conditions again.
![Page 28: Retina Network Security Scanner By Ajith U Kamath 60-564 Project](https://reader035.vdocuments.net/reader035/viewer/2022062305/5697bfba1a28abf838ca05d3/html5/thumbnails/28.jpg)
Conclusion
The 2004 Readers' Choice Best Security Scanner award
User friendly interface
Many features included
Could not scan medium risk vulnerabilities when compared to other tools.