Introduction
Take back control of your network.
Keep it clean and secure.
• Intranet
– You can view ALL your trusted devices
– Run from scanner server [database] & multiple authorized clients
• Internet & Remote Locations
– Verify firewall rules, services available
• De-militarized Zone (DMZ)
– Verify hardened systems policies
• Specific subnet
– Troubleshooting, target a specific system
[Diagram labels: Verify, Scan, Resolve, Report]
• Benign:
– Inventory
– Auditing
– Security Policy
• Malicious:
– Intruders
– Worms or trojans
– Misconfigured devices
U=Unix W=Windows
INT-3 Network Scanning 16
Superscan 4
• Checks for security updates on local or remote systems
• Windows checks
• IIS checks
• SQL checks
• Desktop application checks
nmap
• The King of scanners
– Free open source utility for network exploration or security auditing. (U/W)
– Used by Nessus & ISS Internet Scanner
– Flexible, Easy, Powerful, Portable
• Identifies Operating Systems, grabs banners
• UDP, TCP SYN & Connect scans
• Stealth FIN, Xmas Tree, or Null scans
• IP spoofing, Idlescan (blind TCP port scan)
Nmap run completed 1 IP address (1 host up) scanned in 34.962 seconds
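For the "verify firewall rules, services available" use of a scan, the sketch below (an added example, not part of the original slides) parses nmap's grepable output (`-oG`) and reports every possibly-open port that a per-host policy does not allow. The sample scan text, the addresses and the `ALLOWED` policy are constructed for illustration.

```python
# Constructed sample of nmap grepable (-oG) output; hosts and ports are made up.
SAMPLE_OG = """\
# Nmap scan initiated (constructed sample)
Host: 192.0.2.10 (web01)\tStatus: Up
Host: 192.0.2.10 (web01)\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/closed/tcp//https///
Host: 192.0.2.20 ()\tStatus: Up
Host: 192.0.2.20 ()\tPorts: 23/open/tcp//telnet///, 161/open|filtered/udp//snmp///, 445/open/tcp//microsoft-ds///
"""

# Hypothetical policy: the (port, protocol) pairs each host may expose.
ALLOWED = {
    "192.0.2.10": {(22, "tcp"), (80, "tcp"), (443, "tcp")},
    "192.0.2.20": {(445, "tcp")},
}

def parse_grepable(text):
    """Return {ip: {(port, proto): (state, service)}} from -oG output."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # skip comment and summary lines
        fields = line.split("\t")
        ip = fields[0].split()[1]
        for field in fields[1:]:
            if not field.startswith("Ports:"):
                continue
            for entry in field[len("Ports:"):].split(","):
                # port/state/protocol/owner/service/rpc/version/
                parts = entry.strip().split("/")
                if len(parts) < 5:
                    continue
                port, state, proto, _owner, service = parts[:5]
                hosts.setdefault(ip, {})[(int(port), proto)] = (state, service)
    return hosts

def audit(hosts, allowed):
    """List (ip, port, proto, service, reason) for exposure outside policy."""
    findings = []
    for ip, ports in sorted(hosts.items()):
        policy = allowed.get(ip)
        for (port, proto), (state, service) in sorted(ports.items()):
            if "open" not in state.split("|"):
                continue  # closed or filtered; "open|filtered" still counts
            if policy is None or (port, proto) not in policy:
                reason = "unknown host" if policy is None else "not in policy"
                findings.append((ip, port, proto, service, reason))
    return findings

if __name__ == "__main__":
    print(*audit(parse_grepable(SAMPLE_OG), ALLOWED), sep="\n")
```

Hosts that answer the scan but have no policy entry are reported as "unknown host", which covers the inventory case as well as the firewall check.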
nmap
[Diagram: scanner server, client console, DB, LAN, devices, reports]
Enterprise Scan Results/Reports
• Historical Trends
• Asset List
• Vulnerability Assessment
– CVE / CAN relation is strongly recommended (for Criticality)
• Tools:
– ISS Site Protector
– Nessus / Tenable
• http://nessus.org (U/W)
• http://www.gfi.com (W) LanGuard
• http://www.microsoft.com/mbsa MBSASetup-EN.msi
Tool Reference 2/2
• http://www.tenablesecurity.com Nessus+ (U/W)
• http://www.iss.net Site Protector, Internet Scanner (W)
• http://www.sans.org/top20/ Reference
• http://knoppix.com Knoppix: bootable CD with a collection of GNU/Linux software (U), including nmap & nessus.