Security Audit Tools Project. CT 395 IT Security I Professor Igbeare Summer Quarter 2009 August 25,...
CT 395
IT Security I
Professor Igbeare
Summer Quarter 2009
August 25, 2009
CT 395 Team B
Ann Curran
Steven Hoy
Amy Bridges
Jeffrey Broomall
Jeanne Goss
Jesse Holt
Retina Network Security Scanner Tool
http://www.eEye.com/html/products/retina/download.htm?id=090707.094545.562845
* designed to run on Windows 2000, XP or 2003 systems
* also has the capability of auditing non-Windows devices such as UNIX, Linux, Cisco and other devices
* identifies and prioritizes vulnerabilities it finds on a system
* provides best practice information in regards to auditing, policy practices, and operating system security
* to start a vulnerability scan, a target IP address, filename, job, audit selections, port selections, options, and credentials that have administrative rights must be provided
Retina Network Security Scanner Tool
Reporting Options Available
The Reports menu offers 4 different reports
* the Executive option (shown below) lists the quantity of vulnerabilities in the order of High, Medium, Low, and Informational; it is generally a good scan for management to use as an indication of how secure a system is without too much technical information
Retina Network Security Scanner Tool
Reporting Options Available (cont’d)
The Remediate menu offers 1 detailed remediation report
* more technical information is displayed to assist a security administrator
Retina Network Security Scanner Tool
* designed for small to medium business
* useful for standalone computers and home networks
* scans computer(s) for misconfigurations, missing patches and updates, and other administrative vulnerabilities
* uses Windows Update Advisor and Windows Server Update Service to create a checklist
* a synced security and update tool that keeps your Windows environment on the cutting edge and one step ahead of malicious programs and their creators
* works for key components of the Microsoft Windows environment, including Microsoft Office, Internet Explorer, and Microsoft Outlook
* compatible with Windows operating systems, as far back as Windows 2000 Server
* easily attainable, very user friendly
Microsoft Baseline Security Analyzer
* the IP address of the computer to be scanned must be entered
* choose the desired parameters for the scan
• Windows administrative vulnerabilities
• weak passwords
• IIS administrative vulnerabilities
• SQL administrative vulnerabilities
* simple and effective program
* user-friendly and functions like other Windows applications
* should be used with an effective security strategy that involves both hardware and software
Microsoft Baseline Security Analyzer
* antivirus software solution
* extremely efficient in detecting infected files
* scanning engine uses three methods of virus detection
* works with Windows 2000, Windows XP, Windows XP Pro x64 Edition, Windows Vista, and Windows Vista x64 Edition
* features of AVG Anti-virus
• Email Scanner
• Anti-Spyware
• Anti-Rootkit
• Link Scanner
• Web Shield
• Resident Shield
• Update Manager
• License
Sunbelt Network Security Inspector
http://dw.com.com/redir?edId=3&siteId=4&oId=3000-2651_4-10290146&ontId=2651_4&spi=9a20b741ab1774d4fa5a8badda56ff73&lop=link&ltype=dl_dlnow&pid=10555004&mfgId=106327&merId=106327&pguid=3uSGjgoPjF4AACZLsbIAAAAM&destUrl=http%3A%2F%2Fdownload.cnet.com%2F3001-2651_4-10290146.html%3Fspi%3D9a20b741ab1774d4fa5a8badda56ff73
* an enterprise tool designed to work with large domains
* looks at the domain specified on the local machine that is running SNSI
Scan Results - a list of all identified vulnerabilities will be displayed, sorted by risk level to bring the most important vulnerabilities to the attention of the user
Sunbelt Network Security Inspector
Project Summary
• all tools evaluated proved beneficial for protecting networks and computers
• beneficial and user friendly for network security professionals, as well as general computer users
• an arsenal of security tools is necessary for complete protection
• one product does not do it all
• favorite security tool evaluated
• AVG antivirus program
• installing an anti-virus program and keeping definition files up-to-date is extremely important in keeping computers and networks secure from the myriad of vulnerabilities that exist
• functional anti-virus product that can be obtained free
Future Implications
• allow more efficient IT personnel
• proactive in monitoring and defending their networks
• instead of repairing down networks from intentional hackers and/or uneducated users
• required to protect networks
• insurgence of malware, viruses, and intruding hackers
• an arsenal of security products is necessary to protect networks