Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Audit Tools Project. CT 395 IT Security I Professor Igbeare Summer Quarter 2009 August 25, 2009.

Published byLionel Nichols Modified over 8 years ago

Similar presentations

Presentation on theme: "Security Audit Tools Project. CT 395 IT Security I Professor Igbeare Summer Quarter 2009 August 25, 2009."— Presentation transcript:

1 Security Audit Tools Project

2 CT 395 IT Security I Professor Igbeare Summer Quarter 2009 August 25, 2009

3 CT 395 Team B Ann Curran Steven Hoy Amy Bridges Jeffrey Broomall Jeanne Goss Jesse Holt

4 Retina Network Security Scanner Tool http://www.eEye.com/html/product s/retina/download.htm?id=090707. 094545.562845

5 * designed to run on Windows 2000, XP or 2003 systems * also has the capability of auditing non-Windows devices such as UNIX, Linux, Cisco and other devices * identifies and prioritizes vulnerabilities it finds on a system * provides best practice information in regards to auditing, policy practices, and operating system security * to start a vulnerability scan, a target IP address, filename, job, audit selections, port selections, options, and credentials that have administrative rights must be providedd Retina Network Security Scanner Tool

6 Reporting Options Available The Reports menu offers 4 different reports * the Executive option (shown below) lists the quantity of vulnerabilities in the order of High, Medium, Low, and Informational, generally a good scan for management to use as an indication on how secure a system is without too much technical information Retina Network Security Scanner Tool

7 Reporting Options Available (cont’d) The Remediate menu offers 1 detailed remediation report more technical information is displayed to assist a security administrator Retina Network Security Scanner Tool

8 Microsoft Baseline Security Analyzer http://technet.microsoft.com/en- us/security/cc184923.aspx#ETB

9 * designed for small to medium business * useful for standalones computers and home networks * scans computer(s) for misconfigurations, missing patches and updates, and other administrative vulnerabilities * uses Windows Update Advisor and Windows Server Update Service to create a checklist * a synced security and update tool that keeps your Windows environment on the cutting edge and one step ahead of malicious programs and their creators *works for key components of the Microsoft Windows environment, including Microsoft Office, Internet Explorer, and Microsoft Outlook. *compatible with Windows operating systems, as far back as Windows 2000 Server * easily attainable, very user friendly Microsoft Baseline Security Analyzer

10 * the IP address of the computer to be scan must be entered * choose the desired parameters for the scan Windows administrative vulnerabilities weak passwords IIS administrative vulnerabilities SQL administrative vulnerabilities * simple and effective program * user-friendly and functions like other Windows applications * should be used with an effective security strategy that involve both hardware and software Microsoft Baseline Security Analyzer

11

12 AVG Antivirus Program http://www.avg.com/download-trial

13 * antivirus software solution * extremely efficient in detecting infected files * scanning engine uses three methods of virus detection *Works with Windows 2000, Windows XP, Windows XP Pro x64 Edition, Windows Vista, and Windows Vista x64 Edition * features of AVG Anti-virus Email Scanner Anti-Spyware Anti-Rootkit Link Scanner Web Shield ResidentShield Update Manager License

14

15

16 Sunbelt Network Security Inspector http://dw.com.com/redir?edId=3&siteId=4&oId=3000- 2651_ 4- 10290146&ontId=2651_4&spi=9a20b741ab1774d4fa5a8b adda56ff73&lop=link&ltype=dl_d lnow&pid=10555004&mfgId=106327&merId=106327&pg uid=3uSGjgoPjF4AACZLsbIAA AAM&destUrl=http%3A%2F%2Fdownload.cnet.com%2F3 001-2651_4- 10290146.html%3Fspi%3D9a20b741ab1774d4fa5a8badda 56ff73

17 * an enterprise tool designed to work with large domains * looks at the domain specified on the local machine that is running SNSI

18 Scan Results - a list of all identified vulnerabilities will be displayed, sorted by risk level to bring the most important vulnerabilities to the attention of the user Sunbelt Network Security Inspector

19

20 Project Summary all tools evaluated proved beneficial for protecting networks and computers beneficial and user friendly for network security professionals, as well as general computer users an arsenal of security tools is necessary for complete protection one product does not do it all favorite security tool evaluated AVG antivirus program installing an anti-virus program and keeping definition files up-to- date is an extremely important in keeping computers and networks secure from the myriad of vulnerabilities that exist functional anti-virus product that can be obtained free

21 Future Implications allow more efficient IT personnel proactive in monitoring and defending their networks instead of repairing down networks from intentional hackers and/or uneducated users required to protect networks insurgence of malware, viruses, and intruding hackers an arsenal of security products is necessary to protect networks Security Audit Tools

22 End Notes AVG Antivirus and Security Software. (2009). Retrieved August 2009, from Download AVG Trial Version for Free: http://www.avg.com/download-trial Linkedin. (2009). Retrieved August 2009, from eEye Digital Security: http://www.linkedin.com/companies/eeye-digital-security Microsoft Discussion Groups. (2009). Retrieved August 8, 2009, from Discussions in Security Baseline Analyzer: http://www.microsoft.com/communities/newsgroups/enus/ default.aspx?dg=microsoft.public.security.baseline_analyzer Microsoft Technet. (2008, May 5). Retrieved August 8, 2009, from Microsoft Baseline Security Analyzer 2.1: http://technet.microsoft.com/en-us/security/cc184923.aspx#ETB Microsoft Technet. (2009). Retrieved August 2009, from Microsoft Baseline Security Analyzer - Legacy Product Support: http://technet.microsoft.com/en-us/security/cc184924.aspx Sunbelt Network Security Inspector. (2009, August). Retrieved August 2009, from SC Magazine: http://www.scmagazineus.com/Sunbelt-Network-Security-Inspector/Review/354/ Sunbelt Network Security Inspector. (2009, August). Retrieved August 2009, from CNET download.com: http://dw.com.com/redir?edId=3&siteId=4&oId=3000-2651_4- 10290146&ontId=2651_4&spi=9a20b741ab1774d4fa5a8badda56ff73&lop=link&ltype=dl_d lnow&pid=10555004&mfgId=106327&merId=106327&pguid=3uSGjgoPjF4AACZLsbIAAAA M&destUrl=http%3A%2F%2Fdownload.cnet.com%2F3001-

Download ppt "Security Audit Tools Project. CT 395 IT Security I Professor Igbeare Summer Quarter 2009 August 25, 2009."

Similar presentations

Configuring Windows to run Dr.Web scanner remotely.

Configuring Windows to run Dr.Web scanner remotely.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
AVG Internet Security 7.5 Product presentation.

AVG Internet Security 7.5 Product presentation.
AVG 8.5 Product Line Welcome to a safe world …. | Page 2 Contents  Components Overview  Product Line Overview  AVG 8.0 Boxes.

AVG 8.5 Product Line Welcome to a safe world …. | Page 2 Contents  Components Overview  Product Line Overview  AVG 8.0 Boxes.
Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.

Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.
How to avoid Viruses and Malware on your Computer Use a firewall Using a firewall is like locking the front door to your house—it helps keep intruders.

How to avoid Viruses and Malware on your Computer Use a firewall Using a firewall is like locking the front door to your house—it helps keep intruders.
A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.

A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Microsoft Security Resources. URL’s for this talk All URL’s mentioned in this talk can be found here: All URL’s mentioned in this talk can be found here:

Microsoft Security Resources. URL’s for this talk All URL’s mentioned in this talk can be found here: All URL’s mentioned in this talk can be found here:
By Joshua T. I. Towers. 13.3 $13.3 billion was the direct cost of malware for business in 2006 “direct costs are defined as labor costs to analyze, repair.

By Joshua T. I. Towers $13.3 billion was the direct cost of malware for business in 2006 “direct costs are defined as labor costs to analyze, repair.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer

Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer
Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.

Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.
1 Panda Malware Radar Discovering hidden threats Technical Product Presentation Name Date.

1 Panda Malware Radar Discovering hidden threats Technical Product Presentation Name Date.
IT:Network:Microsoft Applications

IT:Network:Microsoft Applications
Task Scheduler Pro Managing scheduled tasks across the enterprise Joe Vachon Sales Engineer.

Task Scheduler Pro Managing scheduled tasks across the enterprise Joe Vachon Sales Engineer.

Similar presentations

Ads by Google