Re: Audit Tools

From: José J. Cintrón (jcintron@mitre.org)
Date: 08/29/01

Previous message: Thor@HammerofGod.com: "Re: What I would like the MS IIS Lockdown tool todo"
In reply to: Serge Wroclawski: "Re: Audit Tools"
Next in thread: dcdave: "Re: Audit Tools"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Message-ID: <3B8D523A.8F4EC50C@mitre.org>
Date: Wed, 29 Aug 2001 16:36:10 -0400
From: "José J. Cintrón" <jcintron@mitre.org>
Subject: Re: Audit Tools

These 2 will help you to check configuration settings (policy, users,
etc.)
Intrusion.COM - Kane Security Analyst
eEye - Retina (I haven't used this one)

For Vulnerabilities
  NAI - CyberCop Scanner
  ISS - Internet Scanner
  Plus a few others that I'll omit to keep the message short (if you
want others e-mail me personally)

For service Packs you can try the tool that MS published:
http://support.microsoft.com/support/kb/articles/q303/2/15.asp

Unfortunately an all-in-one is not always the best solution. Hope this
helps!

>
> On Wed, 29 Aug 2001 milt@necam.com wrote:
>
> Lets assume our company takes over another ... actually taking place ... our
> company wants to audit the other company's network ... at this point we are
> told it is NT ... not told too much else like what version, service packs,
> controllers, backups, etc. Is there an audit tool that will tell us such things
> as security holes, number of users, groups, rights, etc.? I need a 'all-in-one'
> 'sweeper package'... is there such a thing? ... what would you recommend?

Previous message: Thor@HammerofGod.com: "Re: What I would like the MS IIS Lockdown tool todo"
In reply to: Serge Wroclawski: "Re: Audit Tools"
Next in thread: dcdave: "Re: Audit Tools"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]