December 16th, 2004, 05:37 PM
Vulnerability Testing (from inside the network)
My first post so please be gentle.
I've just taken up a post as an Information Security Officer. It's not as purely technical as some of the security posts that others on AO have.
My boss has asked me to look into ways to carry out vulnerability testing on our network, particularly the 2003 servers, but just to develop an ongoing program of network testing.
At the moment it's just theory, extra reading and advice I'm looking for. There will be a test network set up to start with so that I don't cause mayhem on the live network but that will be into the new year.
I'll probably be setting up a spare box at home just with a cross over cable to try things out there.
I'm after any (other) recommended websites with articles/tutorials, any books worth reading.
Any tools that would be useful for testing the network both free/open source and commercial.
Any general advice as to how you go about testing networks that you secure. Any company policies/procedures that your sysadmins follow on their networks to maintain a handle on vulnerabilities.
I've been tinkering with Snort, Ethereal, GFI and a few others but only on my local machine or on the loop back.
My background is in desktop support at a school but I also carried out some work on NT4 servers, 2000 servers and 2003 servers. I've also got a bit of Linux experience, Red Hat mostly.
My programming is weak; I know ASP but I've no formal IT training. I used to be a biochemist but fell into IT a while back.
Thanks in advance.
December 16th, 2004, 05:46 PM
You may want to check out a tool called Nessus; also, thehorse13 wrote a very good tutorial on how to set it up.
December 16th, 2004, 05:57 PM
Some books that might help you get started are:
--Anti-Hacking Toolkit, Jones/Shema/Johnson, Osborne
--Maximum Security, Anonymous, SAMS
--Special Ops, Birkholz, Syngress
--Hack Proofing Your Network, Syngress
If you are budget-challenged, I use www.ComputerBooksDirect.com to get what I need. There are other lower-priced resources.
December 16th, 2004, 06:08 PM
Get a live disk security distro of Linux like Knoppix STD or PHLAK. They contain all the tools you need to penetration test ...
Phlak -> http://www.phlak.org/modules/mydownloads/
Knoppix Std -> http://www.knoppix-std.org/
Check out the man pages for all the tools ...
Best Of Luck ..
December 16th, 2004, 07:14 PM
Try Sunbelt Network Security Inspector (SNSI) - works well for me.
Sex is like "Social Security". You get a little each month, but it's not enough to live on.
December 16th, 2004, 07:21 PM
Until my company cut the funding, I thought Retina Security Scanner was awesome. Give it a google.
December 16th, 2004, 08:08 PM
Personally I use Helix for both internal pen testing and incident response. It is a live CD based on Knoppix, meaning you need not install it to run it. Just boot from the CD and off you go. It can also be installed to a hard drive permanently if you wish.
A good, quick read to get up and running with Linux security is Hack Notes, which only runs about 20 or 30 dollars, or about 10 used. You can't really go wrong for that price and it is a very good introduction to the "bare basics". Just be sure to get a recent version if you buy a used copy. They have a Windows edition as well, however I have not read it.
A far more in-depth book I have used and loved is Maximum Linux Security, although it is written at a much more advanced level.
As others have mentioned, there is no comparison to Nessus when it comes to vulnerability scanning. It scans both Windows and Linux machines (not sure about other OSes), and plugins for new exploits are usually available within hours, although they have recently moved to an activation model and started charging a substantial fee for immediate access to non-GNU licensed plugins. If your company has the resources to pay for the support it is certainly worth looking into.
I would also try programs such as Ettercap and Dsniff. In any case, have a look at insecure.org's list of the top 75 security tools for some more ideas.
Good luck in your new endeavors.
Government is like fire - a handy servant, but a dangerous master - George Washington
Government is not reason, it is not eloquence - it is force. - George Washington.
Join the UnError
December 17th, 2004, 12:24 PM
Lots to be looking up and lots to learn which is good.
I downloaded the ISO of Knoppix-STD last night and I'm going to have a tinker with that today.
December 17th, 2004, 06:50 PM
OK, what I can suggest to you from a little experience of mine is this. Maybe the steps are not in order; I hope you can arrange them yourself.
1) First check that all the OSes have the updated service pack.
2) Try scanning them with GFI LANguard security scanner. If you see any vulnerability, cover it with the available patch.
3) See if all the guest accounts and other built-in accounts are disabled.
4) Instead of Ethereal try Iris. It's a good sniffer. It will certainly help you in analyzing the traffic being generated by the nodes.
5) Make sure all the passwords are strong.
6) See whether a good antivirus is present and whether it's updated or not.
Also take a look at these links: -
Forgot to mention about this:
An excellent place to search information about your topic...
One machine can do the work of fifty ordinary men. No machine can do the work of one extraordinary man!
December 21st, 2004, 01:15 PM
Well, Retina is a good official tool for network vulnerability scanning, and it always has actual vulnerabilities...