- NETWORK SCANNER REVIEW PATCH
- NETWORK SCANNER REVIEW FULL
- NETWORK SCANNER REVIEW SOFTWARE
- NETWORK SCANNER REVIEW PASSWORD
- NETWORK SCANNER REVIEW PROFESSIONAL
LANguard detected the no password administrator account, the Sasser backdoor, default sharing, Terminal Services active (we enabled it for the scenario). In essence, this was a 'no privilege' scan. To make life even more difficult, we didn't give LANguard the right credentials like we had before. Hopefully we would be able to finish the scan before LSASS.exe crashed, taking the system down with it. However, this was not good enough for our rigorous requirements, so we infected the box with a healthy dose of Sasser. What better place to set LANguard free than on a Windows XP box, completely unpatched, completely open? If it were setup on the ‘net it would go down within a couple of minutes! It is a box so insecure that it can only be run under VMWare with no connection to the Internet. We were not expecting much to show up on this highly-secured system, so we decided to wander further.
NETWORK SCANNER REVIEW FULL
Here is the full report:Īs you can see, it identified three open ports (no filtering was in place on the loopback interface) as well as MAC address, TTL, operating system etc. Here is the view just after the scan finished:Ĭlicking one of the filters in the left pane brings up a very nicely formatted report, showing you the information you requested (high vulnerabilities, low vulnerabilities, missing patches etc). As we had expected, this box was fairly well locked down. We scanned as the ‘currently logged on user' (an administrator account), which makes a difference, since you see a lot more when scanning with privileges than without. We setup the default scanning profile and scanned our localhost (a mercilessly locked down XP box that resists spirited break-ins from our practice penetration tests). A profile is a description of what you want to scan for, the built in profiles include: In this case it's on the Security Scanner mode where we can quickly setup a target and scan it with a profile. The right panel obviously shows you the results of the scan, or the tool / configuration section you have selected. In fact if you look under the menus at the top, you'll find very few options as just about everything can be controlled or modified from the left panel.
NETWORK SCANNER REVIEW PATCH
From here you can select the security scanner, filter your scan results in a variety of ways, access the tools (such as patch deployment, DNS lookup, traceroute, SNMP audit, SQL server audit etc) and the program configuration as well. The left panel shows all the tools available and is like an ‘actions' pane.
NETWORK SCANNER REVIEW PROFESSIONAL
It gives it that final bit of polish that's needed for a professional package.
NETWORK SCANNER REVIEW SOFTWARE
While some may consider this inconsequential, it's a pleasure to work on software that looks good. No low coloured icons and cluttered toolbars here. Once the program is fully updated, you're greeted with a slick interface that looks like it's been made in. We'd prefer to have the option of updating rather than having it happen every time at startup bu we couldn't find the option to change this behaviour this is a minor point that GFI should add. We fired up the tool and was greeted with a splash screen that checked for a newer version, and downloaded new patch detection files, dictionaries, etc. Installation was the usual Windows deal (Click and see how quickly you can reach ). 10MB is a reasonable size for a program with all the features of this one. Sahir has started carrying around a toolkit on his cell-phone USB drive, where space is at a premium. We must mention that we're partial to tools that aren't too heavy on the disk-space. Getting the tool was easy enough, a quick visit to GFI's intuitively laid out site, and a 10MB download later, we were set to go.
Thus we decided to give their latest offering a spin. We tested a previous version of LANguard and our initial impressions were good. However, most of them are prohibitively priced for the networks we administrate and all of them fell short on the administrative front. Sure, there's a number of very popular (and very expensive) commercial scanners out there. In short, we were looking for a Windows specialist tool. We wanted a tool that didn't just help find holes, but would help administer the systems, deploy patches, view account / password policies etc. In the light of all the recent attacks that tend to focus on the vulnerabilities of Windows platforms, we were increasingly dissatisfied with the common vulnerability scanners that we usually employ. Review by Chris Partsenidis and Sahir Hidayatullah.
0 kommentar(er)
