1 / 23

ISS Security Scanner Retina by Adnan Khairi 100183586

2. ISS Security Scanner

iago
Download Presentation

ISS Security Scanner Retina by Adnan Khairi 100183586

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. 1 Presentation ISS Security Scanner & Retina by Adnan Khairi 100183586

    2. 2 ISS Security Scanner & Retina

    3. 3 Introduction ISS Security Scanner The Internet Security Scanner was designed to help administrators explore and log network security vulnerabilities associated with TCP/IP host services. Internet Scanner started off in 1992 as a tiny Open Source scanner by Christopher Klaus. Shareware.

    4. 4 Introduction Retina Retina is a commercial vulnerability assessment scanner by eEye, and is considered to be one of the fastest scanner’s on the market today.

    5. 5 Why conduct penetration testing? If there is a single vulnerability that allows an intruder into a regular system, the entire machine becomes compromised. This is true for most networks for mainly two reasons. Sniffing Trust authentication

    6. 6 Internet Scanner 7.0 Architecture

    7. 7 Internet Scanner Controller The Internet Scanner Controller (ISC), is responsible for directing the sub-processes that perform various scanning duties. These sub-processes, also known as MicroEngines Built-in Engine Plug-in Engine Discovery Engine FlexCheck Engine

    8. 8 Built-in Engine The Built-in checks esources that are embedded in the exploits, resulting in dependency relationships between some exploits.

    9. 9 Plug-in Engine Plug-ins are independent modules that perform vulnerability checks against a target host

    10. 10 Discovery Engine The Discovery Module is responsible for gathering identification information from hosts. Fingerprinter ICMP pinger TCP pinger TCP port scanner UDP port scanner DNS lookup utility NetBIOS utilities Operating System Identification (OSID) Windows Service Pack

    11. 11 Flex Check Engine The Flex Check engine loads and executes external programs that attempt to identify specific vulnerabilities on a host. Exploit Manager Resource Manager Encryption TCP/IP Stack Fingerprinting

    12. 12 Benefits of ISS Minimize business risk Low cost of ownership Proactive protection Scalable Ease of use

    13. 13 ISS Report

    14. 14 References http://www.iss.net/ http://www.iss.net/products_services/enterprise_protection/vulnerability_assessment/scanner_internet.php http://www.cert.org/advisories/CA-1993-14.html http://archives.neohapsis.com/archives/iss/2003-q1/0157.html

    15. 15 Retina Despite its powerful capabilities, Retina was designed to be the easiest scanner to operate. Retina also features a number of automatic features that facilitate such functions as scheduling, repairing common system problems and updating the application.

    16. 16 Features of Retina Non-Intrusive Scanning Retina can scan the network without overloading its resources and without causing systems to crash Frequent Updates for New Vulnerabilities Retina's Auto-Update function provides easy Internet access for downloading the latest vulnerability checks

    17. 17 Features of Retina Rogue Wireless Access Detection Retina automatically detects the presence of unauthorized access points on networks of any size Ability to Uncover Unknown Vulnerabilities Retina can actually detect previously unknown or hidden vulnerabilities. High-Speed Scanning Ability Retina is able to scan an entire Class C network in about 15 minutes.

    18. 18 Features of Retina Remote Repair Capabilities Auto-Fix function allows one to automatically correct common system security issues such as registry settings, file permissions and more. Comprehensive and Up-to-Date Vulnerabilities Database Advanced knowledge of security issues due to discoveries made by its own team of security experts.

    19. 19 Features of Retina Advanced and Customized Reporting Capabilities Retina automatically customizes the content of its network audit reports to reflect the severity of the vulnerabilities discovered and the level of security risk involved. Custom Audit Wizard Audit Wizard simplifies the process of building custom checks Advanced Scheduling Capabilities Retina's scheduler function allows one to set the scanner to run on a regular basis to periodically check for vulnerabilities

    20. 20 Features of Retina Remote Scanning Capabilities Retina scans can be securely initiated from any location. (Remote Manager) Open Architecture Custom changes to the Retina interface Retina’s Policies Wizard that walks one through the creation of a custom scan

    21. 21 Retina in Action

    22. 22 Pricing Information Retina pricing is based on the number of IP addresses that require scanning and the number of users (licenses) that will be conducting the scanning. Standard Retina licenses may only be used to scan systems within the organization for which the license was originally purchased. Retina Traveling licenses are available for consultants that require the ability to perform scans for more than one organization

    23. 23 References Retina References http://www.eeye.com/html/Products/Retina/index.html

More Related