Audit Tools That Won't Break the Bank




Audit Tools That Won't Break the Bank
2011
Presented by: Mark Scholl, Partner
Copyright 2011 - Wipfli LLP

Background
- These tools do not require a strong technical background!
- Do not scan or install tools without authorization!!!
  - May be a violation of your acceptable use policy
  - Can disrupt applications and services running on your network
  - Intrusion detection system
- Tools run on Microsoft systems

Presentation Objectives
Discuss and demonstrate tools that can:
- Verify security settings
- Enumerate system information
- Identify vulnerabilities due to weak security settings and missing security updates
- Remediate vulnerabilities
- Monitor your information systems

Tools
- Microsoft Security Baseline Analyzer
- AutoRuns
- PSInfo
- SNScan
- DumpSec
- GFI Languard

Microsoft Baseline Security Analyzer (MBSA)
http://www.microsoft.com/technet/security
- Scans Microsoft hosts only
- Does not apply updates or fix security holes; only identifies them
- Also identifies updates for SQL, Exchange, .NET, and Office
- Scans remote Microsoft computers
- Requires XML updates to account for new security updates

Microsoft Baseline Security Analyzer (MBSA)
Critical Security Update and Service Pack Status
- Windows 2003, 2008, XP, Vista, and Windows 7
- Internet Information Server (IIS)
- SQL Server
- Exchange Server
- Office 2003, XP, 2007, 2010 (local scan only)

Microsoft Baseline Security Analyzer (MBSA)
- Missing security updates
- Account vulnerabilities
- Weak security settings
- File system vulnerabilities

Microsoft Baseline Security Analyzer (MBSA)
Demonstration

Autoruns for Windows
- Part of the Windows Sysinternals suite of tools
- http://technet.microsoft.com/en-us/sysinternals
- Shows what programs are configured to autostart during system boot and login
- You can download the program or run live from the website
- Great for identifying registry entries that automatically start malicious code
- Warning: You can modify registry settings using this tool

Autoruns

PSInfo
- Part of the Windows Sysinternals PSTools suite
- http://technet.microsoft.com/en-us/sysinternals
- Provides a report with basic documentation of the system
- Microsoft systems only
- Can be run against the local machine or against remote systems
- Must be run from the command line
- >psinfo /? for help

PSInfo

SNScan
- Part of the free downloads available at the McAfee Foundstone website
- http://www.mcafee.com/us/downloads/freetools/index.aspx
- Scans for devices using default SNMP settings
- Simple Network Management Protocol is often installed by default on many network devices; many times this protocol can simply be disabled

SNScan

DumpSec
http://www.somarsoft.com
Audit Tool for Reporting on:
- User accounts
- Password requirements
- Group membership
- File share permissions

DumpSec

GFI Languard
http://www.gfi.com
- 1-year license starts at $320; 30-day free trial
- Performs credential vulnerability scanning
- Inventories your computers' hardware, applications, and system information
- Can remediate vulnerabilities by installing patches: Microsoft, Adobe, Java, etc.
- Generates audit reports

GFI Languard

Other Audit Tools
- Spiceworks
- Nmap/Zenmap
- GFI EventsManager
- Nessus
- Backtrack 5
- Other Tools???

Contact Information
Mark Scholl, Partner
mscholl@wipfli.com
815.626.1277
- Certified Ethical Hacker (CEH)
- Certified Information Systems Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- Microsoft Certified Systems Engineer (MCSE)

www.wipfli.com