1

GFI LANguard Network Security Scanner

2

Contents

Introduction Features Source & Installation Testing environment Results Conclusion

3

Introduction

Importance of Network security Internal SecurityExternal Security

Purpose of GFI LANguard Enable Network admins to perform

Security audit Remote system analysis

4

Features

Security Audit Results in a verbose

manner Flexible scanning

Scan one computer Scan range of computers Scan list of computers Domain specific scan

5

Features (Cont…)

System detection SNMP , NETBIOS

queries , Ping Sweep

Configuring ports for port scan

6

Features (Cont..)

Enumeration of entry pointsSNMP holesCGI holesOpen sharesRogue , Backdoor usersWeak network passwords

7

Features (Cont…)

AlertsWell known security problems are clearly

identified Intelligent scanning Listing of hot-fixes & service packs

8

Features (Contd..)

Remote Machine shutdown Exploitation of NetBIOS vulnerability Enabling auditing Sending spoofed messages Scheduling scans & automatic update of

scans Gathering information & displaying using

report generator

9

Features (Contd..)

Scripting Language: LANS: LANguard Scripting language GFI LANguard contains its own scripting

editorAllows users to create custom script which will

be executed on the remote host as when accessed

10

Features (Contd..)

Tools: SNMP Walk

By performing SNMP walk potential hackers or malicious users will get lot of information about the system

11

Features (Contd..)

Tools (Contd..) Trace route

DNS look up

12

Tools (Contd..) SNMP Audit

SNMP audit allows to detect weak community strings.

13

Tools (Contd..) MS-SQL Audit

14

Tools (Contd..) Enumerated

Computers

15

Source & Installation

Downloaded GFILANguard from www.gfi.com

Minimum requirements as set by vendorOS: Win 2000/2003/XP IE 5.1 +Client for Microsoft networks be installedNo personal firewall settings

16

Testing Environment

Setting options:

17

Testing Environment (Contd..)

18

Testing Environment (Contd..)

19

Results

Source IP address : 137.207.234.120 CASE -1 :

Destination IP: 137.207.234.138 Scan parameters: As specified earlier

20

21

Results (Contd..)

CASE –II : SunSolaris

22

Results (Contd..) Script execution:

hostname = "agardel2" # my desktop computer

// name of the system from which the script is running

ip = dnslookup(hostname) // using the function dnslookup if ip <> "" echo("hostname: " + hostname) echo("resolved as: " + ip, _color_blue) # now backwards:) hostname = ReverseDnsLookup(ip) if hostname <> "" echo("back to: " + hostname,) end if else echo("unable to resolve " + hostname + " !", \ _color_red) end if

23

Conclusion

GFI LANguard is a very good tool in detecting and analysis of vulnerabilities User – defined Scripting language : LANSVerbose representation of DataGenerating Reports

24

References

www.gfi.com