Linx
|
Review of GFI LANguard Network Security ScannerReview of GFI LANguard Network Security Scanner
GFI LANguard NSS is an administrative tool capable of scanning IP ranges within networks and detecting various things such as vulnerabilities, USB devices, shared areas and even what applications they are running so you can perform a software roll out if needed.
GFI LANGuard N.S.S. is a handy tool in he respect that you can secure your system quickly and easily before a hacker even sees them… Dilema is that hackers also use this tool to find shared areas to exploit, especially the IPC$ share.
Aside from vulnerability scans GFI LANguard N.S.S. can perform automated rollout of various software such as Windows Service Packs. It also provides the ability to roll out custom software, for those of you in the know, this will allow Trojans and Worms to be installed as well if they have the administrator password. Other features also include:
• Check for unused user accounts on workstations
• Audit your network for security vulnerabilities (Windows and Linux)
• Detect unnecessary shares, open ports & unused user accounts on workstations
• Check for and deploy missing security patches & service packs in OS & Office
• Wireless node/link detection and USB device scanning
New Features In Version 6.0
The latest version of LANguard N.S.S. comes with a variety of new features including:
• Detects wireless network devices
• Detects and reports USB devices (can also generate high security alerts when particular devices are detected like removable hard disks)
• Highly improved network devices reporting
• Checks status of GFI LANguard Portable Storage Control (P.S.C.)
• Support for SSH (allowing even more security checks to be created for the Linux OS)
• Multithread scan engine (scan multiple machines TOGETHER)
• Status monitor for scheduled operations (scans and deployments)
• Supports saving and re-loading of saved scan results to and from database/XML files. You can also restart operations from a saved scan as if the security scan was just made
• Shares - Both NTFS and Share permissions are now reported.
The LANguard N.S.S. installation was fairly straight-forward and simple. You do need to give LANguard N.S.S. a password for an account with Domain Administrator privileges in order for it to function, however you can change this whilst scanning so this need not be necessary.
The NSS GUI looks severely in depth but you need not use more than a few buttons to completely exploit a network….. I mean perform a complete security audit.
I think one of the most common things I have found whilst performing security audits is the amount of shares without permissions! That and people who think they don’t need to assign a password to the administrator account :-s
For arguments sake, lets look through the mind of a hacker…
He scans the network and finds that the admin password has not been set on your PC, he also discovers that the IPC$ administrative share has not been removed. He now has an access point to upload a Trojan alongside a keylogger and log back in and out of your system without you knowing he was there!
Well worth downloading the trial to test I wont tell you how you should go about buying it ;) lol
Nice one, Peace Out,
Linx
|
