GFI LANguard Network Security Scanner

  • Slides: 24

Contents
  • Introduction
  • Features
  • Source & Installation
  • Testing environment
  • Results
  • Conclusion

Introduction
  • Importance of Network security
      ◦ Internal Security
      ◦ External Security
  • Purpose of GFI LANguard
      ◦ Enable Network admins to perform Security audit
  • Remote system analysis

Features
  • Security Audit
      ◦ Results in a verbose manner
      ◦ Flexible scanning
          - Scan one computer
          - Scan range of computers
          - Scan list of computers
          - Domain specific scan

Features (Contd.)
  • System detection
      ◦ SNMP, NETBIOS queries, Ping Sweep
  • Configuring ports for port scan

Features (Contd.)
  • Enumeration of entry points
      ◦ SNMP holes
      ◦ CGI holes
      ◦ Open shares
      ◦ Rogue, Backdoor users
      ◦ Weak network passwords

Features (Contd.)
  • Alerts
      ◦ Well known security problems are clearly identified
      ◦ Intelligent scanning
      ◦ Listing of hot-fixes & service packs

Features (Contd.)
  • Remote Machine shutdown
  • Exploitation of NetBIOS vulnerability
  • Enabling auditing
  • Sending spoofed messages
  • Scheduling scans & automatic update of scans
  • Gathering information & displaying using report generator

Features (Contd.)
  • Scripting Language: LANS (LANguard Scripting language)
      ◦ GFI LANguard contains its own scripting editor
      ◦ Allows users to create custom scripts which will be executed on the remote host as and when accessed

Features (Contd.)
  • Tools:
      ◦ SNMP Walk: by performing an SNMP walk, potential hackers or malicious users will get a lot of information about the system

Features (Contd.)
  • Tools (Contd.)
      ◦ Trace
      ◦ DNS route look up

Tools (Contd.)
  • SNMP Audit: allows detection of weak community strings.
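
An offline version of the weak-community-string check named on the SNMP Audit slide, as an added example (not GFI LANguard code and not part of the original slides): it audits a net-snmp style snmpd.conf instead of probing hosts. The weak-string list, the 12-character threshold and the sample configuration are assumptions constructed for illustration.

```python
# Assumed list of default or guessable community strings (constructed for this example).
WEAK = {"public", "private", "community", "snmp", "admin", "manager", "default"}
MIN_LEN = 12  # assumed minimum length for a non-trivial community string

# Constructed sample in net-snmp snmpd.conf syntax; not taken from a real host.
SAMPLE_CONF = """\
# constructed sample
rocommunity public
rwcommunity private 10.0.0.0/8
rocommunity Xk9vTq2mLw7pRzA4 192.0.2.10
com2sec notConfigUser default public
rwcommunity Zr7pLm4Qw9sDx2Ku
"""

COMMUNITY_DIRECTIVES = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6"}

def audit_snmpd_conf(text):
    """Return [(line_no, community, [reasons])] for risky community definitions."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        tok = raw.split()
        if not tok or tok[0].startswith("#"):
            continue  # blank line or comment
        if tok[0] in COMMUNITY_DIRECTIVES and len(tok) >= 2:
            # rocommunity/rwcommunity COMMUNITY [SOURCE ...]
            community = tok[1]
            source = tok[2] if len(tok) > 2 else "default"
            writable = tok[0].startswith("rw")
        elif tok[0] == "com2sec" and len(tok) >= 4:
            # com2sec [-Cn CONTEXT] SECNAME SOURCE COMMUNITY
            # Write access depends on separate group/access lines, so it is not inferred here.
            community, source, writable = tok[-1], tok[-2], False
        else:
            continue
        reasons = []
        if community.lower() in WEAK:
            reasons.append("default or guessable community string")
        elif len(community) < MIN_LEN:
            reasons.append("short community string")
        if source == "default":
            reasons.append("no source address restriction")
        if reasons and writable:
            reasons.append("grants write access")
        if reasons:
            findings.append((no, community, reasons))
    return findings

if __name__ == "__main__":
    for no, community, reasons in audit_snmpd_conf(SAMPLE_CONF):
        print(f"line {no}: {community!r}: {'; '.join(reasons)}")
```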

Tools (Contd.)
  • MS-SQL Audit

Tools (Contd.)
  • Enumerated Computers

Source & Installation
  • Downloaded GFI LANguard from www.gfi.com
  • Minimum requirements as set by vendor
      ◦ OS: Win 2000/2003/XP
      ◦ IE 5.1+
      ◦ Client for Microsoft Networks must be installed
      ◦ No personal firewall settings

Testing Environment
  • Setting options:

Testing Environment (Contd.)

Results
  • Source IP address: 137.207.234.120
  • CASE-1:
      ◦ Destination IP: 137.207.234.138
      ◦ Scan parameters: As specified earlier

Results (Contd.)
  • CASE-II: Sun Solaris

Results (Contd.)
  • Script execution:

        hostname = "agardel2"   # my desktop computer
        # name of the system from which the script is running
        ip = dnslookup(hostname)
        # using the function dnslookup
        if ip <> ""
            echo("hostname: " + hostname)
            echo("resolved as: " + ip, _color_blue)
            # now backwards :)
            hostname = ReverseDnsLookup(ip)
            if hostname <> ""
                echo("back to: " + hostname)
            end if
        else
            echo("unable to resolve " + hostname + " !", _color_red)
        end if

Conclusion
  • GFI LANguard is a very good tool for
      ◦ Detection and analysis of vulnerabilities
      ◦ User-defined scripting language: LANS
      ◦ Verbose representation of data
      ◦ Generating reports

References
  • www.gfi.com