LAN Manager?
Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: LAN Manager?

  1. #1
    Member
    Join Date
    Jan 2003
    Posts
    30

    LAN Manager?

    Does anyone know of a peice of software (preferably free) in which it allows you to monitor the computers on your network, and check updates, and see what patches they do or not have, and also see other information about the computers on your lan?

    Is there any such software that is free?


    ------
    I did find a program called 'LANguard NSS' which does exactly what I want. except I have no clue how to use it. I mean I can scan my local computer, but when I go to scan my IP Range of my computers, it does not work. And I dont know how to configure it with my Personal Firewalls on each workstation....any one have a clue?

  2. #2
    Top Gun Maverick811's Avatar
    Join Date
    Oct 2001
    Posts
    852
    My suggestion is Languard, and I see that you already know about Languard, just don't know how to scan your LAN. That's an easy fix - from within Languard, go to the File menu, select New Scan (Ctrl-N). A dialog box should pop up, just select the "Scan range of computers" option, giving it the IP address range to scan. For example, depending on how you have DHCP configured, your IP address range for your LAN might be 192.168.1.1 to 192.168.1.254 - you give Languard the two endpoints for IP addressing in your LAN. Once this has been setup, click the Finish button, and you'll be ready to scan. Just hit Start Scanning and it will scan the LAN for the IP address range you specified. Languard works great - it will check for certain vulnerabilites, open ports, supply to as much information about the machine that it can find - you'll also have the option to deploy patches and such...

    Also, just scan with your firewalls functioning, then one time without - this will also give you an idea of how well your firewalls are protecting per machine..

    Hope this was of some help...
    - Maverick

  3. #3
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    Without access to NetBios, I do not believe you willl be able to remotlely update your machines. (Usually software uses NB and Mtask to schedule) Therefore you may have to disable your personal firewalls on the clients to update. Another program is Shavlik NetChk Pro which will scan Win32 LANS and gather patch information and deploy patches and SP's remotely.

    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  4. #4
    Member
    Join Date
    Jan 2003
    Posts
    30
    How can I gain access to Netbios, and have it configured so that I can scan for patches and vulnerabilities.

  5. #5
    Top Gun Maverick811's Avatar
    Join Date
    Oct 2001
    Posts
    852
    Another suggestion - Microsoft has had available for some time the Microsoft Baseline Security Analyzer. It's a tool that should perform some of the functions you were first referring to. I'm not sure what kind of OS's you are currently running, but it will scan NT4.0 and up machines.

    The application is available here: http://www.microsoft.com/downloads/d...DisplayLang=en

    I personally don't use this application, but I just thought I'd mention it - it might be something worth checking out for you...


    EDIT: Just saw your last question - to enable NetBIOS, you simply need to enable File and Print sharing on your PC...
    - Maverick

  6. #6
    Senior Member
    Join Date
    Jul 2002
    Posts
    315
    I was just about to say Microsoft Baseline Security Analyzer and then I saw Maverick811 had already mentioned it.

    I used Microsoft Baseline Security Analyzer as a security check to ensure my machines was patched for MSBlast. It does a pretty good job and it turned up a lot more patches I needed to get. You might want to check that one out. However, there may be better ones out there like Languard.

    Guidance...
    - The mind is too beautiful to waste...
    Cutty


  7. #7
    Member
    Join Date
    Jan 2003
    Posts
    30
    Shavlik NetChk Pro --- Will that work with Personal Firewalls on? Is their a client that you install on the machine. I dont really want to turn my firewalls off, just because my HARDWARE firewall is AWOL, and I dont want the risk.


    Thanks.

  8. #8
    Member
    Join Date
    Sep 2002
    Posts
    33
    Hi

    Another great product is nessus www.nessus.org
    The product only runs on versions of *nix but has good support, is open software, and is free.

    There are lots of support info on the WWW, and you can download new vulnerability plugins as they become available.

    It will scan single IPs and ranges for various open ports, OS information etc, etc

    PS you can also download a Windows client for it to!

    Golam
    Time flies like an arrow - fruit flies like a banana

  9. #9
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    Allow me to clarify, your personal firewall software will block most of the ports required to remotely verify and deploy patches on windows machines. You can configure the personal firewall to accept incoming connections on these ports from a specific IP(aka Patch deployment machines IP) or use the scheduler on the local machine to your advantage and have the personal firewalls on a timer to turn off at a specific time at which the patch deployment program will also be scheduled to deploy patches and schedule a restart. The now infamous RPC(135) and NetBios(137-139) are used like this: The patch deployment software creates a share and checks the registry for installed patches(using NetBios) on the remote machine, it then transfers neccessary patches to the share, then an RPC call is made to schedule the patch installation. In the case of personal firewalls, any one worth their salt will block all the affore mentioned ports so this must be taken into consideration and configured accordingly.

    -Maestr0



    EDIT: Shavlik and others I've seen do not require a client, although the above process is probably not the only way to skin the cat, its just the way I know of.
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  10. #10
    Junior Member
    Join Date
    Jul 2003
    Posts
    29
    http://www.intrusec.com


    its called expose try it out its nice!
    Windows geht.net Enterprise Sever

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •