Security Audit Tools Project
CT 395 IT Security I Professor Igbeare Summer Quarter 2009 August 25, 2009
CT 395 Team B Ann Curran Steven Hoy Amy Bridges Jeffrey Broomall Jeanne Goss Jesse Holt
Retina Network Security Scanner Tool s/retina/download.htm?id=
* designed to run on Windows 2000, XP or 2003 systems * also has the capability of auditing non-Windows devices such as UNIX, Linux, Cisco and other devices * identifies and prioritizes vulnerabilities it finds on a system * provides best practice information in regards to auditing, policy practices, and operating system security * to start a vulnerability scan, a target IP address, filename, job, audit selections, port selections, options, and credentials that have administrative rights must be providedd Retina Network Security Scanner Tool
Reporting Options Available The Reports menu offers 4 different reports * the Executive option (shown below) lists the quantity of vulnerabilities in the order of High, Medium, Low, and Informational, generally a good scan for management to use as an indication on how secure a system is without too much technical information Retina Network Security Scanner Tool
Reporting Options Available (cont’d) The Remediate menu offers 1 detailed remediation report more technical information is displayed to assist a security administrator Retina Network Security Scanner Tool
Microsoft Baseline Security Analyzer us/security/cc aspx#ETB
* designed for small to medium business * useful for standalones computers and home networks * scans computer(s) for misconfigurations, missing patches and updates, and other administrative vulnerabilities * uses Windows Update Advisor and Windows Server Update Service to create a checklist * a synced security and update tool that keeps your Windows environment on the cutting edge and one step ahead of malicious programs and their creators *works for key components of the Microsoft Windows environment, including Microsoft Office, Internet Explorer, and Microsoft Outlook. *compatible with Windows operating systems, as far back as Windows 2000 Server * easily attainable, very user friendly Microsoft Baseline Security Analyzer
* the IP address of the computer to be scan must be entered * choose the desired parameters for the scan Windows administrative vulnerabilities weak passwords IIS administrative vulnerabilities SQL administrative vulnerabilities * simple and effective program * user-friendly and functions like other Windows applications * should be used with an effective security strategy that involve both hardware and software Microsoft Baseline Security Analyzer
AVG Antivirus Program
* antivirus software solution * extremely efficient in detecting infected files * scanning engine uses three methods of virus detection *Works with Windows 2000, Windows XP, Windows XP Pro x64 Edition, Windows Vista, and Windows Vista x64 Edition * features of AVG Anti-virus Scanner Anti-Spyware Anti-Rootkit Link Scanner Web Shield ResidentShield Update Manager License
Sunbelt Network Security Inspector _ &ontId=2651_4&spi=9a20b741ab1774d4fa5a8b adda56ff73&lop=link<ype=dl_d lnow&pid= &mfgId=106327&merId=106327&pg uid=3uSGjgoPjF4AACZLsbIAA AAM&destUrl=http%3A%2F%2Fdownload.cnet.com%2F _ html%3Fspi%3D9a20b741ab1774d4fa5a8badda 56ff73
* an enterprise tool designed to work with large domains * looks at the domain specified on the local machine that is running SNSI
Scan Results - a list of all identified vulnerabilities will be displayed, sorted by risk level to bring the most important vulnerabilities to the attention of the user Sunbelt Network Security Inspector
Project Summary all tools evaluated proved beneficial for protecting networks and computers beneficial and user friendly for network security professionals, as well as general computer users an arsenal of security tools is necessary for complete protection one product does not do it all favorite security tool evaluated AVG antivirus program installing an anti-virus program and keeping definition files up-to- date is an extremely important in keeping computers and networks secure from the myriad of vulnerabilities that exist functional anti-virus product that can be obtained free
Future Implications allow more efficient IT personnel proactive in monitoring and defending their networks instead of repairing down networks from intentional hackers and/or uneducated users required to protect networks insurgence of malware, viruses, and intruding hackers an arsenal of security products is necessary to protect networks Security Audit Tools
End Notes AVG Antivirus and Security Software. (2009). Retrieved August 2009, from Download AVG Trial Version for Free: Linkedin. (2009). Retrieved August 2009, from eEye Digital Security: Microsoft Discussion Groups. (2009). Retrieved August 8, 2009, from Discussions in Security Baseline Analyzer: default.aspx?dg=microsoft.public.security.baseline_analyzer Microsoft Technet. (2008, May 5). Retrieved August 8, 2009, from Microsoft Baseline Security Analyzer 2.1: Microsoft Technet. (2009). Retrieved August 2009, from Microsoft Baseline Security Analyzer - Legacy Product Support: Sunbelt Network Security Inspector. (2009, August). Retrieved August 2009, from SC Magazine: Sunbelt Network Security Inspector. (2009, August). Retrieved August 2009, from CNET download.com: &ontId=2651_4&spi=9a20b741ab1774d4fa5a8badda56ff73&lop=link<ype=dl_d lnow&pid= &mfgId=106327&merId=106327&pguid=3uSGjgoPjF4AACZLsbIAAAA M&destUrl=http%3A%2F%2Fdownload.cnet.com%2F3001-