CIS 460

1
CIS 460 Network Design Seminar
GFI LANguard

• Network Security Scanner Tool

2
GFI LANguard

• OVERVIEW
• Network Security Scanner (N.S.S.) checks network
  for all potential methods that a hacker might use
  to attack it.
• By analyzing the operating system and the
  applications running on your network, identifies
  possible security holes.

3
Scanned Vulnerabilities

• Service pack level security patches
• Windows NT/2000/2003/XP
• Microsoft Office
• Microsoft Exchange Server
• Microsoft SQL Server
• virus updates or client software deployment
• Open shares
• administrative and printer shares (C,D, ADMIN)
  
• shows you who has access to the share.
• Open ports
• Port-scanning engine, allowing you to scan your
  network
• TCP/IP and UDP
• Services
• Identifies well-known services (www / FTP /
  telnet / SMTP... )

4
Scanned Vulnerabilities (Cont)

• Applications
• Deploy 3rd party software or patches network-wide
• Update custom or non-Microsoft software
• Virus updates
• Checks for programs that run automatically
  (potential Trojans)
• Key registry entries
• Security auditing policies
• Start up
• Log system
• Weak passwords
• Maximum password age
• Password history
• Minimum password length

5
Basic Settings and Use
6
Scanned Results

• Nodes by IP
• HTML Report
• Comparisons

7
Basic Settings and Use
8
HTML Report
9
Basic Settings and Use
10
Basic Settings and Use
11
Practical Demo

• LAB Setting
• Windows 2000 is installed from scratch on the
  Target box
• LANGUARD app. is installed on Administrator
  machine
• Both PCs are connected to the same network
  segment
• Run on Target NSS Tool just after W 2000
  installation
• Create a Report
• Applied parches
• Applied security policies
• Shutdown ports and services
• Password settings

12
Practical Demo (Cont)

• After complete the OS Hardening
• Run NSS Tool on Target machine Again
• Create a HTML report

13
Practical Demo Conclusion

• The initial operating system installed showed
  many vulnerabilities.
• The computer could be very easy compromised by a
  hacker.
• LANGuard is an excellent tool to test the
  security level of an entire network of computers.
  
• Lots of vulnerability can easily be fixed
  updating software applications and the operating
  system
• In addition to maintain the system up-to-date, is
  mandatory the execution of operating system
  hardening to customize the security level of the
  computer according to the level of the preferred
  functionality.

14
LANGuard Features review

• Network-wide patch management
• Check for unused user accounts on workstations
• Audit your network for security vulnerabilities
• Detect unnecessary shares, open ports unused
  user accounts on workstations
• Check for and deploy missing security patches
  service packs in OS Office.
• Automatically alerts new security holes
• Price 495 for 100 IPs, 995 for unlimited IPs.

15
LANGuard

• Questions??