Scanning with ISS Security-SIG 15 December 2005 David Taylor & John Lupton ISC Information Security ISC/Information Security.

Slides:

Advertisements

Similar presentations

How to download and install Sharpdesk

Advertisements

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Calendar Browser is a groupware used for booking all kinds of resources within an organization. Calendar Browser is installed on a file server and in a.

ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.

Network Security Testing Techniques Presented By:- Sachin Vador.

1 Distributed File System, and Disk Quotas (Week 7, Thursday 2/21/2007) © Abdou Illia, Spring 2007.

MIS Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.

Panasonic Computer Products Europe CF-08 Live Set up.

A common error that appears on the copier’s screen is seen here when a scan to Sharpdesk is not sent to the computer successfully. This guide intends to.

Format Scandisk Defragmentation Antivirus Compression Software

Terminal Server © N. Ganesan, Ph.D.. Reference Thin-Client Concept Thin-Client concept tutorial.

Installing and running COMSOL on a Windows HPCS2008(R2) cluster

1 of 13 Back to Start Working Remotely Your company’s Windows SBS computer network makes it easy for you and your coworkers to work remotely—and to stay.

File sharing. Connect the two win 7 systems with LAN card Open the network.

Copyright © 2013 FingerTec Worldwide Sdn.Bhd. All rights reserved.

Document Processing Ways to centralize and streamline your Endangered Species Act document processing procedures.

11 SYSTEMS ADMINISTRATION AND TERMINAL SERVICES Chapter 12.

1 Computer Security: Protect your PC and Protect Yourself.

SUS Services ECE Computer Facilities. SUS Services Software Update Services Microsoft Security And Critical Update Service Microsoft Security And Critical.

How To Batch Register Your Students

Getting Connected to NGS while on the Road… Donna V. Shaw, NGS Convocation.

How to create a website for free Panagiotis Kafkarkou.

Security Audit Tools Project. CT 395 IT Security I Professor Igbeare Summer Quarter 2009 August 25, 2009.

By: Ahmed Mirza December 3, 2009 EN393. Introduction Antivirus software is a computer application that detects, prevents and removes malicious software,

Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.

Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

How to Download and Install a Sharp Print Driver on a Mac.

Using Windows Firewall and Windows Defender

Microsoft Internet Security and Acceleration (ISA) Server 2004 is an advanced packet checking and application-layer firewall, virtual private network.

Using Group Policy Lesson 4. Skills Matrix Technology SkillObjective Domain SkillDomain # Creating and Understanding Group Policy Modeling and Group Policy.

The Microsoft Baseline Security Analyzer A practical look….

Tutorial #1. Lab#: 1 Securing your system Lab 1.2: Tenable Nessus Nessus currently works on Windows, Linux, and Mac. It is a vulnerability scanner, which.

INSTALLATION HANDS-ON. Page 2 About the Hands-On This hands-on section is structured in a way, that it allows you to work independently, but still giving.

VistA Imaging Capture via Scanning. October VistA Imaging Capture via Scanning The information in this documentation includes only new and updated.

1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.

Windows Vista Inside Out Ch 10: Ch 10: Security Essentials Last modified

Downloading and Installing Autodesk Revit 2016

Section 9: Configuring Roaming Profiles and Folder Redirection Managing User Profiles Configuring Folder Redirection Using Folder Redirection and Roaming.

Microsoft Office Outlook 2013 Microsoft Office Outlook 2013 Courseware # 3252 Lesson 6: Organizing Information.

Chapter Six Maintaining a Computer Part II: Installing, Repairing, and Removing Applications.

Ohana Software’s PAF INSIGHT Part 1 By Tina Abplanalp

7400 Samsung Confidential & Proprietary Information Copyright 2006, All Rights Reserved. -0/17- OfficeServ 7400 Enterprise IP Solutions Quick Install Guide.

How to Take Full Control of the ArrayTools and R Folder You need to have Full Control of the ArrayTools and R installation folders to run BRB-ArrayTools.

Downloading and Installing Autodesk Inventor Professional 2015 This is a 4 step process 1.Register with the Autodesk Student Community 2.Downloading the.

Hacking Windows 9X/ME. Hacking framework Initial access physical access brute force trojans Privilege escalation Administrator, root privileges Consolidation.

Retina Network Security Scanner

NetTech Solutions Protecting the Computer Lesson 10.

IS493 INFORMATION SECURITY TUTORIAL # 1 (S ) ASHRAF YOUSSEF.

Primenumbers.co.uk This presentation will help you get the most out of this service.

DSS Tips and Tricks A Must-Read for DSS Beginners Rev. Apr 2008.

Part A. Remote Viewing IP Surveillance Camera Application Guide.

How to fix Error code 0x80072ee2 in Windows 8.1? Fix%20%20Update%20Error%200x80072EE2%20in%20Windows%20 8.1,%20Windows%2010!%20-%20Fix%20PC%20Errors.htm.

CACI Proprietary Information | Date 1 PD² SR13 Client Upgrade Name: Semarria Rosemond Title: Systems Analyst, Lead Date: December 8, 2011.

Part 1: How to use EasyAccess 2.0 Similar to your social network software, such as Skype, WhatsApp. One license for each HMI No license is needed for.

error-message-in-windows-10-upgrade.

Mind Mapping with Bubbl.us. The Bubbl.us Homepage Click to create a bubbl.us account Sign in or, To access, type

Common System Exploits Tom Chothia Computer Security, Lecture 17.

What are the Steps to add an HP Printer to a Mac Device? HP Customer Support Helpdesk.

beas group AG Beas sql guide Martin Heigl CTO

Fortinet NSE8 Exam Do You Want To Pass In First Attempt.

How to Patch Norton Antivirus?

How To Share Calendar in Outlook?. If you are planning to share Outlook calendar with others through Outlook Online with people in your organization,

Call AVG Antivirus Support | Fix Your PC

Information Security Session October 24, 2005

Intro to Ethical Hacking

LGC Website, Software updates, Documentation, and Videos

Getting Started – Associate Laptop Set-up

Intro to Ethical Hacking

Introduction to the New SSA OnePoint Online Website

Presentation transcript:

Scanning with ISS Security-SIG 15 December 2005 David Taylor & John Lupton ISC Information Security ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security ISS - Internet Security Scanner Commercial product of Internet Security Systems Provides Windows-based scanning for vulnerabilities on hosts running all major PC operating systems –Windows –Mac OS X –Unix/Linux

Scanning with ISS 15 December 2005 ISC/Information Security Which Windows? Dave Taylor sez… –Windows 2000 or above, BUT… –Win 2003 and XP/SP2 have been problematic –Win 2000 or XP/SP1 seem to work best

Scanning with ISS 15 December 2005 ISC/Information Security Who’s Allowed to Scan? Anyone is permitted to scan their own system Penn Sysadmins and LSP’s are permitted to scan IP addresses/ranges for which they have responsibility

Scanning with ISS 15 December 2005 ISC/Information Security Scanning Etiquette The “Golden Rule”…you don’t appreciate someone else scanning your addresses without your knowledge or permission, right? “Let My People Know”…unless there’s a good reason to keep it secret, tell your users when you will be scanning, and from which IP address

Scanning with ISS 15 December 2005 ISC/Information Security Firewalls If you are scanning from inside a firewall, you will need to disable it to prevent problems with scan accuracy If your target(s) is/are behind a firewall, you will need to: –Disable the firewall during the scan, OR –Locate the scanning system inside the firewall

Scanning with ISS 15 December 2005 ISC/Information Security Downloading & Installing ISS Go to Set up an account (necessary, but free) Sign in to the Download Center Search for Internet Scanner 7.0 SP2 –Allows installation of SQL desktop engine as part of single installation –Dave sez: older versions require separate installations, and are “a pain in the bootie”. Click on colored “FULL INSTALLS” tab Download file (there’s only one) and install as per instructions

Scanning with ISS 15 December 2005 ISC/Information Security OK, what next?… The software “as is” will allow scanning of the localhost ( ) To scan other hosts, you need to obtain and install a “key” Send to - we will “cut” you a key and transmit it to you, along with instructions how to import it into ISS

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security Installing Updates After installing the ISS application, update the scanning modules by running “X-Press Update Install” –Located in ‘Start’ menu –Go to Starbucks…it will take a while Once the updated modules have been installed, you’re ready to roll

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security Scanning Credentials From a stand-alone, non-domain system: –Results similar to what outside hacker could see From a standard domain user account: –Results similar to what other domain users could see From a Domain Administrator account: –Results will show much more detail, e.g. patch level

Scanning with ISS 15 December 2005 ISC/Information Security Set Up a Session From ‘Start’ Menu… –Create a new session –Choose a template, OR start with a blank session and construct your own new policy –Give it a name, and click ‘OK’ –Edit the policy and select your scan target(s) Be Aware!…Plugins for Destructive Denial of Service vulnerabilities may cause a remote system to become unresponsive - or crash altogether

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security Set Up a Session (cont.) Save the policy and close the Policy Editor Select the policy, then name the session Enter a host range, or load from a list –Remember the “Golden Rule” - don’t scan anyone’s space but your own

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security To Ping, or not to Ping? You have an option to “ping” the hosts in your target range before the scan is performed Many hosts are configured to block all ICMP activity, but can still be scanned Generally better to NOT use the “ping” option –Scans take longer, but are usually more accurate –If hosts you know are present return “unreachable”: Use ‘Tools->Session Properties’ and choose ‘Scan Always’ Forces ISS to run all modules in the policy

Scanning with ISS 15 December 2005 ISC/Information Security Running the Scan Let ‘er rip… Go to Starbucks again

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security Result Reports Results can be presented in several escalating levels, e.g.: –Executive summary –Technically detailed, with step-by-step mitigation procedures Need help? Write to us at

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security

Scanning with ISS 15 December 2005 ISC/Information Security Useful Links Download: Support: Plug-in Info: xforce.iss.net/ SANS Internet Storm Center: isc.sans.org French Security Incident Response Team (known for releasing Zero-Day Advisories): Metasploit: