Security Audit Tools Project. CT 395 IT Security I Professor Igbeare Summer Quarter 2009 August 25,...

Security Audit Tools Project

CT 395 IT Security I

Professor Igbeare

Summer Quarter 2009

August 25, 2009

CT 395 Team B

Ann Curran

Steven Hoy

Amy Bridges

Jeffrey Broomall

Jeanne Goss

Jesse Holt

Retina Network Security Scanner Tool

http://www.eEye.com/html/products/retina/download.htm?id=090707.094545.562845

* designed to run on Windows 2000, XP or 2003 systems

* also has the capability of auditing non-Windows devices such as UNIX, Linux, Cisco and other devices

* identifies and prioritizes vulnerabilities it finds on a system

* provides best practice information regarding auditing, policy practices, and operating system security

* to start a vulnerability scan, a target IP address, filename, job, audit selections, port selections, options, and credentials that have administrative rights must be provided

Reporting Options Available

The Reports menu offers 4 different reports

* the Executive option (shown below) lists the quantity of vulnerabilities in the order of High, Medium, Low, and Informational; it is generally a good scan for management to use as an indication of how secure a system is without too much technical information

Reporting Options Available (cont’d)

The Remediate menu offers 1 detailed remediation report

* more technical information is displayed to assist a security administrator

Microsoft Baseline Security Analyzer

http://technet.microsoft.com/en-us/security/cc184923.aspx#ETB

* designed for small to medium business

* useful for standalone computers and home networks

* scans computer(s) for misconfigurations, missing patches and updates, and other administrative vulnerabilities

* uses Windows Update Advisor and Windows Server Update Service to create a checklist

* a synced security and update tool that keeps your Windows environment on the cutting edge and one step ahead of malicious programs and their creators

* works for key components of the Microsoft Windows environment, including Microsoft Office, Internet Explorer, and Microsoft Outlook

* compatible with Windows operating systems, as far back as Windows 2000 Server

* easily attainable, very user friendly

* the IP address of the computer to be scanned must be entered

* choose the desired parameters for the scan

• Windows administrative vulnerabilities

• weak passwords

• IIS administrative vulnerabilities

• SQL administrative vulnerabilities

* simple and effective program

* user-friendly and functions like other Windows applications

* should be used with an effective security strategy that involves both hardware and software

AVG Antivirus Program

http://www.avg.com/download-trial

* antivirus software solution

* extremely efficient in detecting infected files

* scanning engine uses three methods of virus detection

* works with Windows 2000, Windows XP, Windows XP Pro x64 Edition, Windows Vista, and Windows Vista x64 Edition

* features of AVG Anti-virus: Email Scanner, Anti-Spyware, Anti-Rootkit, Link Scanner, Web Shield, Resident Shield, Update Manager, License

Sunbelt Network Security Inspector

http://dw.com.com/redir?edId=3&siteId=4&oId=3000-2651_4-10290146&ontId=2651_4&spi=9a20b741ab1774d4fa5a8badda56ff73&lop=link&ltype=dl_dlnow&pid=10555004&mfgId=106327&merId=106327&pguid=3uSGjgoPjF4AACZLsbIAAAAM&destUrl=http%3A%2F%2Fdownload.cnet.com%2F3001-2651_4-10290146.html%3Fspi%3D9a20b741ab1774d4fa5a8badda56ff73

* an enterprise tool designed to work with large domains

* looks at the domain specified on the local machine that is running SNSI

* Scan Results - a list of all identified vulnerabilities will be displayed, sorted by risk level to bring the most important vulnerabilities to the attention of the user

Project Summary

• all tools evaluated proved beneficial for protecting networks and computers

• beneficial and user friendly for network security professionals, as well as general computer users

• an arsenal of security tools is necessary for complete protection

• one product does not do it all

• favorite security tool evaluated

• AVG antivirus program

• installing an anti-virus program and keeping definition files up-to-date is extremely important in keeping computers and networks secure from the myriad of vulnerabilities that exist

• functional anti-virus product that can be obtained free

Future Implications

• allow more efficient IT personnel

• proactive in monitoring and defending their networks

• instead of repairing down networks from intentional hackers and/or uneducated users

• required to protect networks

• insurgence of malware, viruses, and intruding hackers

• an arsenal of security products is necessary to protect networks
