CIS 460 – Network Design Seminar独联体460 网络设计研讨会.ppt

12/10/2004 CIS 460 - Oscar Vazquez CIS 460 – Network Design Seminar Network Security Scanner Tool GFI LANguard OVERVIEW Network Security Scanner (N.S.S.) checks network for all potential methods that a hacker might use to attack it. By analyzing the operating system and the applications running on your network, identifies possible security holes. Scanned Vulnerabilities Service pack level security patches Windows NT/2000/2003/XP Microsoft Office Microsoft Exchange Server Microsoft SQL Server virus updates or client software deployment Open shares administrative and printer shares (C$,D$, ADMIN$) shows you who has access to the share. Open ports Port-scanning engine, allowing you to scan your network TCP/IP and UDP Services Identifies well-known services (www / FTP / telnet / SMTP... ) Scanned Vulnerabilities (Cont…) Applications Deploy 3rd party software or patches network-wide Update custom or non-Microsoft software Virus updates Checks for programs that run automatically (potential Trojans) Key registry entries Security auditing policies Start up Log system Weak passwords Maximum password age Password history Minimum password length Basic Settings and Use Scanned Results Nodes by IP HTML Report Comparisons Basic Settings and Use HTML Report Basic Settings and Use Basic Settings and Use Practical Demo LAB Setting Windows 2000 is installed from scratch on the Target box LANGUARD app. is installed on Administrator machine Both PCs are connected to the same network segment Run on Target NSS Tool just after W 2000 installation Create a Report Applied parches Applied security policies Shutdown ports and services Password settings Practical Demo (Cont…) After complete the OS Hardening Run NSS Tool on Target machine Again Create a HTML report Practical Demo Conclusion The initial operating system installed showed many vulnerabilities. The computer could be very easy compromised by a hacker. LANGuard is an excellent tool to test the security level of an