ISS Security Scanner - PowerPoint PPT Presentation

About This Presentation
Title:

ISS Security Scanner

Description:

Presentation ISS Security Scanner & Retina by Adnan Khairi 100183586 ISS Security Scanner & Retina Introduction ISS Security Scanner The Internet Security Scanner was ... – PowerPoint PPT presentation

Number of Views:64
Avg rating:3.0/5.0
Slides: 24
Provided by: web2Uwind
Category:
Tags: iss | scanner | security

less

Transcript and Presenter's Notes

Title: ISS Security Scanner


1
Presentation
  • ISS Security Scanner
  • Retina
  • by
  • Adnan Khairi
  • 100183586

2
ISS Security ScannerRetina
3
Introduction ISS Security Scanner
  • The Internet Security Scanner was designed to
    help administrators explore and log network
    security vulnerabilities associated with TCP/IP
    host services.
  • Internet Scanner started off in 1992 as a tiny
    Open Source scanner by Christopher Klaus.
  • Shareware.

4
Introduction Retina
  • Retina is a commercial vulnerability assessment
    scanner by eEye, and is considered to be one of
    the fastest scanners on the market today.

5
Why conduct penetration testing?
  • If there is a single vulnerability that allows an
    intruder into a regular system, the entire
    machine becomes compromised.
  • This is true for most networks for mainly two
    reasons.
  • Sniffing
  • Trust authentication

6
Internet Scanner 7.0Architecture
7
Internet Scanner Controller
  • The Internet Scanner Controller (ISC), is
    responsible for directing the sub-processes that
    perform various scanning duties.
  • These sub-processes, also known as MicroEngines
  • Built-in Engine
  • Plug-in Engine
  • Discovery Engine
  • FlexCheck Engine

8
Built-in Engine
  • The Built-in checks esources that are embedded in
    the exploits, resulting in dependency
    relationships between some exploits.

9
Plug-in Engine
  • Plug-ins are independent modules that perform
    vulnerability checks against a target host

10
Discovery Engine
  • The Discovery Module is responsible for gathering
    identification information from hosts.
  • Fingerprinter
  • ICMP pinger
  • TCP pinger
  • TCP port scanner
  • UDP port scanner
  • DNS lookup utility
  • NetBIOS utilities
  • Operating System Identification (OSID)
  • Windows Service Pack

11
Flex Check Engine
  • The Flex Check engine loads and executes external
    programs that attempt to identify specific
    vulnerabilities on a host.
  • Exploit Manager
  • Resource Manager
  • Encryption
  • TCP/IP Stack Fingerprinting

12
Benefits of ISS
  • Minimize business risk
  • Low cost of ownership
  • Proactive protection
  • Scalable
  • Ease of use

13
ISS Report
14
References
  • http//www.iss.net/
  • http//www.iss.net/products_services/enterprise_pr
    otection/vulnerability_assessment/scanner_internet
    .php
  • http//www.cert.org/advisories/CA-1993-14.html
  • http//archives.neohapsis.com/archives/iss/2003-q1
    /0157.html

15
Retina
  • Despite its powerful capabilities, Retina was
    designed to be the easiest scanner to operate.
  • Retina also features a number of automatic
    features that facilitate such functions as
    scheduling, repairing common system problems and
    updating the application.

16
Features of Retina
  • Non-Intrusive Scanning
  • Retina can scan the network without overloading
    its resources and without causing systems to
    crash
  • Frequent Updates for New Vulnerabilities
  • Retina's Auto-Update function provides easy
    Internet access for downloading the latest
    vulnerability checks

17
Features of Retina
  • Rogue Wireless Access Detection
  • Retina automatically detects the presence of
    unauthorized access points on networks of any
    size
  • Ability to Uncover Unknown Vulnerabilities
  • Retina can actually detect previously unknown or
    hidden vulnerabilities.
  • High-Speed Scanning Ability
  • Retina is able to scan an entire Class C network
    in about 15 minutes.

18
Features of Retina
  • Remote Repair Capabilities
  • Auto-Fix function allows one to automatically
    correct common system security issues such as
    registry settings, file permissions and more.
  • Comprehensive and Up-to-Date Vulnerabilities
    Database
  • Advanced knowledge of security issues due to
    discoveries made by its own team of security
    experts.

19
Features of Retina
  • Advanced and Customized Reporting Capabilities
  • Retina automatically customizes the content of
    its network audit reports to reflect the severity
    of the vulnerabilities discovered and the level
    of security risk involved.
  • Custom Audit Wizard
  • Audit Wizard simplifies the process of building
    custom checks
  • Advanced Scheduling Capabilities
  • Retina's scheduler function allows one to set the
    scanner to run on a regular basis to periodically
    check for vulnerabilities

20
Features of Retina
  • Remote Scanning Capabilities
  • Retina scans can be securely initiated from any
    location. (Remote Manager)
  • Open Architecture
  • Custom changes to the Retina interface
  • Retinas Policies Wizard that walks one through
    the creation of a custom scan

21
Retina in Action
22
Pricing Information
  • Retina pricing is based on the number of IP
    addresses that require scanning and the number of
    users (licenses) that will be conducting the
    scanning. Standard Retina licenses may only be
    used to scan systems within the organization for
    which the license was originally purchased.
    Retina Traveling licenses are available for
    consultants that require the ability to perform
    scans for more than one organization

23
References
  • Retina References
  • http//www.eeye.com/html/Products/Retina/index.htm
    l
Write a Comment
User Comments (0)
About PowerShow.com