Monitoring Your Network - PowerPoint PPT Presentation

monitoring your network n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Monitoring Your Network PowerPoint Presentation
Download Presentation
Monitoring Your Network

play fullscreen
1 / 24
Monitoring Your Network
157 Views
Download Presentation
maegan
Download Presentation

Monitoring Your Network

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Monitoring Your Network A College Approach Chris Bamber, IT Systems Manager Somerville College Confidentiality: The contents of this presentation and workshop discussion are to be held in strictest confidence.

  2. Documents to Read Oxford University's Computer Usage Rules and Etiquette http://www.ox.ac.uk/it/rules/ Somerville Rules for Computer Use http://www.some.ox.ac.uk/cp_rules.htm Christopher Bamber

  3. What We Can Use the Tools for • Identifying unofficial servers or services • Monitoring usage and traffic statistics • Protecting your network from the world • Troubleshooting your network • Investigating a security incident • Keeping logs of users activities for accountability Christopher Bamber

  4. WS_Ping_ProPack XploiterStat Lite Windows NT Event Viewer Sophos Anti-Virus for NT Sophos Anti-Virus ADMIN Tool Sophos Anti-Virus for Exchange Elron Command View Firewall for NT eTrust Intrusion Detection (Sessionwall) Transcend Workgroup Manager Network Watch from NT Resource Kit The Tools Used Christopher Bamber

  5. Somerville College Network Christopher Bamber

  6. Ws_Ping_ProPack • This tool gives you basic windows interface into a few very handy utils:- Ping, Scan, TraceRoute, Whois, Lookup etc • Doing regular scans of common ports on your network will help to discover unauthorised services or servers • Very quick and simple, also cheap £30.00 for a licence Christopher Bamber

  7. A Port Scan Christopher Bamber

  8. XploiterStat Lite • Port monitoring software, TCP and UDP • Free, upgrade available at approx. £30.00 • Produce text logs of active connections to your machine or servers • Handy for putting a trace on a machine your concerned about Christopher Bamber

  9. Windows NT Event Viewer • Comes with MS NT Server,it’s FREE! • Use it to look at your logs • Make sure you have some logs • Export your logs to examine them in Excel, it’s quicker • More advanced version available as a plug-in in Windows 2000 Christopher Bamber

  10. Sophos Anti-virus for NT • It’s FREE!, site licensed to Oxford University • Protect your workstations from viruses • Use a protected install so users can’t remove it • Make it mandatory for all computers connected to your network • Keep it updated… Christopher Bamber

  11. Sophos Anti-Virus ADMIN Tool • It’s FREE! • Allows you to install SAV onto your NT workstations remotely • You need to have their admin shares(C$) available for the initial install • Allows you to update and change the configuration of SAV • Monitors the status and current rollout of the IDE files • Allows you to force an update to the user workstation • Quick and simple Christopher Bamber

  12. Sophos Sweep for Exchange • If you really have to run a mail server, install some virus scanning software • This is currently in Beta at the moment, but it works! • Again FREE!, available on site licence • SAVI is also available to connect to other mail server software • MAILsweeper is available for most systems and uses SAVI Christopher Bamber

  13. Elron CV Firewall for NT • Offers fully IPSEC compliant VPN Capabilities • Includes NAT, DMZ and User Authentication • Delivers industry-leading, 3rd generation, Stateful Multilayer Inspection (SMLI) technology • Is easy to manage with a point and click interface • Cost - £1.7K, available from MIS Corporate Defence Solutions Christopher Bamber

  14. Drill Down to View Rule Details Christopher Bamber

  15. Specific Servers on Ports Christopher Bamber

  16. Custom Defined Ports - Tuples Christopher Bamber

  17. Log File View Christopher Bamber

  18. Log Filtering • The latest version of the software now has a very powerful filtering ability for log files • This allows for quick analysis and troubleshooting of the network and firewall Christopher Bamber

  19. Application Layer Commands • Available for FTP, inbound Email, News and Web • Allows you to lock down the common ports to valid commands only • Stops ICQ, Instant Messaging from using these ports Christopher Bamber

  20. eTrust Intrusion Detection • Providing real-time, non-intrusive detection, policy-based alerts, and automatic prevention • Integrated anti-virus engine with automatic signature updates • Dynamic URL blocking and logging • Predefined policies for a wide range of attacks • Comprehensive built-in reports Christopher Bamber

  21. Transcend Workgroup Manager • Network management utility for managing 3com hubs and switches • Workgroup & Enterprise edition will no longer be available from the end of June 2000 (so order today!!) • Support will continue for 5 years Christopher Bamber

  22. Network Watch (NT Resource Kit) • Allows you to view and manage the network shares on your NT Servers • Includes the hidden shares ($) • Handy to see who’s connecting to what on your server Christopher Bamber

  23. Software Sites • WS_Ping_ProPack - http://www.ipswitch.com/Products/WS_Ping/index.html • XploiterStat Lite - http://www.xploiter.com/tambu/totostat.shtml • Sophos Anti-Virus – http://www.sophos.com/ • MAILsweeper - http://www.mimesweeper.com/ • Elron Firewall - http://www.elronsoftware.com/enterprise/cvfirewall.htm • eTrust - http://www.cai.com/solutions/enterprise/etrust/intrusion_detection/ • Transcend - http://www.3com.com/solutions/enterprise/networkmanagement/index.html • MIS Corporate Defence Solutions – http://www.mis-cds.com/ • contact James Guttridge 01622 723459 Christopher Bamber

  24. Contact Information Christopher Bamber IT Systems Manager Somerville College, OX2 6HD E-mail: chris.bamber@some.ox.ac.uk Tel: 01865 2 70661 Christopher Bamber