1 Presentation ISS Security Scanner & Retina by Adnan Khairi 100183586.

Slides:

Advertisements

Similar presentations

Presented by Nikita Shah 5th IT ( )

Advertisements

Penetration Testing & Countermeasures Paul Fong & Cai Yu CS691 5 May 2003.

Essential NetTools Pranay Kumar. Essential NetTools  This tool is a set of network tools useful in diagnosing networks and monitoring your computer's.

AVG Internet Security 7.5 Product presentation.

System Security Scanning and Discovery Chapter 14.

Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.

Vulnerability Assessments with Nessus 3 Columbia Area LUG January

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Network Security Testing Techniques Presented By:- Sachin Vador.

Computer Security and Penetration Testing

Lesson 19: Configuring Windows Firewall

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Patching MIT SUS Services IS&T Network Infrastructure Services Team.

1 GFI LANguard Network Security Scanner. 2 Contents Introduction Features Source & Installation Testing environment Results Conclusion.

Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?

2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.

Task Scheduler Pro Managing scheduled tasks across the enterprise Joe Vachon Sales Engineer.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

Windows Vista: Volume Activation 2.0

Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau ( ) Lee Shirly ( ) Ong Ivy ( )

Information Systems CS-507 Lecture 40. Availability of tools and techniques on the Internet or as commercially available software that an intruder can.

1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.

Module 7: Configuring TCP/IP Addressing and Name Resolution.

1 GFI LANguard N.S.S VS NeWT Security Scanner Presented by:Li,Guorui.

Penetration Testing Security Analysis and Advanced Tools: Snort.

1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.

Karlstad University Introduction to Vulnerability Assessment Labs Ge Zhang Dvg-C03.

Chapter 9: Novell NetWare

1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.

Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.

Project 2. Introduction Network Vulnerability Assessment “A review of a system of systems to identify weaknesses or errors in design, implementation,

CIS 460 – Network Design Seminar Network Security Scanner Tool GFI LANguard.

Shadow Security Scanner Li,Guorui. Introduction Remote computer vulnerabilities scanner Runs on Windows Operating Systems SSS also scans servers built.

Honeypot and Intrusion Detection System

User Manager Pro Suite Taking Control of Your Systems Joe Vachon Sales Engineer November 8, 2007.

Troubleshooting Windows Vista Security Chapter 4.

Module 14: Configuring Server Security Compliance

Attack Lifecycle Many attacks against information systems follow a standard lifecycle: –Stage 1: Info. gathering (reconnaissance) –Stage 2: Penetration.

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

1 Vulnerability Analysis and Patches Management Using Secure Mobile Agents Presented by: Muhammad Awais Shibli.

OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.

© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon.

Linux Networking and Security

Network Assessment How intrusion techniques contribute to system/network security Network and system monitoring System mapping Ports, OS, applications.

Application Layer Khondaker Abdullah-Al-Mamun Lecturer, CSE Instructor, CNAP AUST.

Trinity Uses Nmap, shouldn’t you?. From “The Art of War” "... knowing your enemy 100% of the time, you will win your battle 100% of the time, knowing.

Assessing a Target System Source: Chapter 3 Computer Security Fundamentals Chuck Easttom Prentice Hall, 2006.

Network Monitor By Zhenhong Zhao. What is the Network Monitor? The Network Monitor is a tool that gets information off of the host on the LAN. – Enumerating.

Vulnerability Scanning Vulnerability scanners are automated tools that scan hosts and networks for known vulnerabilities and weaknesses Credentialed vs.

Lesson 19-E-Commerce Security Needs. Overview Understand e-commerce services. Understand the importance of availability. Implement client-side security.

TCOM Information Assurance Management System Hacking.

INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used? Tripwire.

Retina Network Security Scanner

Security and Assurance in IT organization Name: Mai Hoang Nguyen Class: INFO 609 Professor: T. Rohm.

Web Security. Introduction Webserver hacking refers to attackers taking advantage of vulnerabilities inherent to the web server software itself These.

How to Mitigate Stay Safe. Patching Patches Software ‘fixes’ for vulnerabilities in operating systems and applications Why Patch Keep your system secure.

Syo-401 Question Answer. QUESTION 1 An achievement in providing worldwide Internet security was the signing of certificates associated with which of the.

Gaspar Modelo-Howard NEEScomm Cybersecurity Software Engineer Saurabh Bagchi NEEScomm Cybersecurity Officer.

COMP1321 Digital Infrastructure Richard Henson March 2016.

© SYBEX Inc All Rights Reserved. CompTIA Security+ Study Guide (SY0-201) “Chapter 2: Identifying Potential Risks”

Common System Exploits Tom Chothia Computer Security, Lecture 17.

Microsoft OS Vulnerabilities April 1, 2010 MIS 4600 – MBA © Abdou Illia.

Call AVG Antivirus Support | Fix Your PC

Lesson 16-Windows NT Security Issues

Operating System Concepts

Presentation transcript:

1 Presentation ISS Security Scanner & Retina by Adnan Khairi

2 ISS Security Scanner & Retina

3 Introduction ISS Security Scanner The Internet Security Scanner was designed to help administrators explore and log network security vulnerabilities associated with TCP/IP host services. Internet Scanner started off in 1992 as a tiny Open Source scanner by Christopher Klaus. Shareware.

4 Introduction Retina Retina is a commercial vulnerability assessment scanner by eEye, and is considered to be one of the fastest scanner’s on the market today.

5 Why conduct penetration testing? If there is a single vulnerability that allows an intruder into a regular system, the entire machine becomes compromised. This is true for most networks for mainly two reasons. 1.Sniffing 2.Trust authentication

6 Internet Scanner 7.0 Architecture

7 Internet Scanner Controller The Internet Scanner Controller (ISC), is responsible for directing the sub-processes that perform various scanning duties. These sub-processes, also known as MicroEngines –Built-in Engine –Plug-in Engine –Discovery Engine –FlexCheck Engine

8 Built-in Engine The Built-in checks esources that are embedded in the exploits, resulting in dependency relationships between some exploits.

9 Plug-in Engine Plug-ins are independent modules that perform vulnerability checks against a target host

10 Discovery Engine The Discovery Module is responsible for gathering identification information from hosts. –Fingerprinter –ICMP pinger –TCP pinger –TCP port scanner –UDP port scanner –DNS lookup utility –NetBIOS utilities –Operating System Identification (OSID) –Windows Service Pack

11 Flex Check Engine The Flex Check engine loads and executes external programs that attempt to identify specific vulnerabilities on a host. –Exploit Manager –Resource Manager –Encryption –TCP/IP Stack Fingerprinting

12 Benefits of ISS Minimize business risk Low cost of ownership Proactive protection Scalable Ease of use

13 ISS Report

14 References prise_protection/vulnerability_assessment/ scanner_internet.phphttp:// prise_protection/vulnerability_assessment/ scanner_internet.php 14.htmlhttp:// 14.html /2003-q1/0157.htmlhttp://archives.neohapsis.com/archives/iss /2003-q1/0157.html

15 Retina Despite its powerful capabilities, Retina was designed to be the easiest scanner to operate. Retina also features a number of automatic features that facilitate such functions as scheduling, repairing common system problems and updating the application.

16 Features of Retina Non-Intrusive Scanning –Retina can scan the network without overloading its resources and without causing systems to crash Frequent Updates for New Vulnerabilities –Retina's Auto-Update function provides easy Internet access for downloading the latest vulnerability checks

17 Features of Retina Rogue Wireless Access Detection – Retina automatically detects the presence of unauthorized access points on networks of any size Ability to Uncover Unknown Vulnerabilities –Retina can actually detect previously unknown or hidden vulnerabilities. High-Speed Scanning Ability –Retina is able to scan an entire Class C network in about 15 minutes.

18 Features of Retina Remote Repair Capabilities –Auto-Fix function allows one to automatically correct common system security issues such as registry settings, file permissions and more. Comprehensive and Up-to-Date Vulnerabilities Database –Advanced knowledge of security issues due to discoveries made by its own team of security experts.

19 Features of Retina Advanced and Customized Reporting Capabilities –Retina automatically customizes the content of its network audit reports to reflect the severity of the vulnerabilities discovered and the level of security risk involved. Custom Audit Wizard –Audit Wizard simplifies the process of building custom checks Advanced Scheduling Capabilities –Retina's scheduler function allows one to set the scanner to run on a regular basis to periodically check for vulnerabilities

20 Features of Retina Remote Scanning Capabilities –Retina scans can be securely initiated from any location. (Remote Manager) Open Architecture –Custom changes to the Retina interface –Retina’s Policies Wizard that walks one through the creation of a custom scan

21 Retina in Action

22 Pricing Information Retina pricing is based on the number of IP addresses that require scanning and the number of users (licenses) that will be conducting the scanning. Standard Retina licenses may only be used to scan systems within the organization for which the license was originally purchased. Retina Traveling licenses are available for consultants that require the ability to perform scans for more than one organization

23 References Retina References /index.htmlhttp:// /index.html