logo Home

Reviews : GFI LANguard Network Security Scanner 5


Download Free Trial: Download full version of software
Documentation: Installation instructions
User manual
System requirements: · Windows 2000/2003 or Windows XP.
· Internet Explorer 5.1 or higher.

GFI LANguard Network Security Scanner (N.S.S.) 5 is a freeware tool to audit network security and proactively secure it. It scans entire networks from an attacker's perspective, and analyses machines for open ports, shares, security alerts/vulnerabilities, service pack level, installed hotfixes and other NETBIOS information such as hostname, logged on user name, users etc. It does OS detection, password strength testing, detects registry issues and more. Reports are outputted in HTML.

GFI LANguard N.S.S. checks your network for all potential methods that a hacker might use to attack your network. By analyzing the operating system and the applications running on your network, GFI LANguard N.S.S. identifies possible security holes. In other words, it plays the devil's advocate and alerts you to weaknesses before a hacker can find them, enabling you to deal with these issues before a hacker can exploit them.

GFI LANguard N.S.S. scans your entire network, IP by IP, and provides information such as service pack level of the machine, missing security patches, open shares, open ports, services/applications active on the computer, key registry entries, weak passwords, users and groups, and more. Scan results are outputted to an HTML report, which can be customized/queried, enabling you to proactively secure your network - for example by shutting down unnecessary ports, closing shares, installing service packs and hotfixes, etc…



Figure 1 - The new GFI LANguard N.S.S. 5 interface

GFI LANguard N.S.S. is also a complete patch management solution. After it has scanned your network and determined missing patches and service packs - both in the operating system (OS) and in the applications - you can use GFI LANguard N.S.S. to deploy those service packs and patches network-wide. It can also deploy custom software network-wide.

Features of GFI LANguard N.S.S. are numerous, it can amongst other things :

Detect OS, service pack level & installed security patches
Installing the latest security patches is a must to keep your network secure. GFI LANguard N.S.S. detects what service packs and security patches are installed and identifies missing security patches and service packs. GFI LANguard N.S.S. detects Windows and UNIX operating systems using SMB queries.

Ability to patch NT/2000/2003/XP machines that are missing hotfixes
It can deploy missing service packs and patches network-wide, without user intervention. It is the ideal tool to monitor that Microsoft SUS is doing its job properly and to perform the tasks SUS cannot do. Administrators can use GFI LANguard N.S.S. to deploy Microsoft Office patches and custom software patches, for patch reporting and for immediate deployment of high alert patches. Microsoft SUS cannot do any of this. GFI LANguard N.S.S. supports patching of English, Spanish, Italian, French and German versions of Microsoft Office as well as custom software patching (for example, virus updates or client software deployment). If administrators prefer not to use Microsoft SUS, GFI LANguard N.S.S. can deploy patches for English versions of Windows NT/2000/2003/XP, Microsoft Exchange Server, Microsoft SQL Server and Microsoft ISA Server.

Fast TCP & UDP port scanning & identification
GFI LANguard N.S.S. includes a fast TCP/IP and UDP port-scanning engine, allowing you to scan your network for unnecessary open ports. GFI LANguard N.S.S. identifies well-known services (such as www/FTP/telnet/SMTP... ) and also supports "banner grabbing", that is, it queries the port for an application name.

Easily create different types of scans/vulnerability tests with Scan Profiles
Using Scan Profiles, administrators can scan for different types of information. For example, they can scan for open shares on workstations, security audit and password policies, machines missing a particular patch or machines missing a particular service pack. Different types of vulnerabilities can be scanned for, and the scan can also be performed using different identities, providing different network perspectives.

"Alerts" pinpoint security issues & recommends action
Once GFI LANguard N.S.S. has completed scanning a computer, it generates an "Alerts" node which details key security issues and recommends a course of action. Wherever possible, GFI LANguard N.S.S. includes further information about the security issue or a web link to more information, for example a BugTraq ID or a Microsoft KnowledgeBase article ID.

Automatically detect NEW security holes with scheduled scan results comparisons
GFI LANguard N.S.S. can compare scan results and identify new security holes appearing on your network. The scheduled scan feature allows you to schedule daily or weekly network scans, which can then be automatically compared to previous scan results. This enables you to quickly identify changes such as newly created shares, installed services, added users or added ports. You can configure GFI LANguard N.S.S. to automatically email you a list of changes.

Finds all shares on your network
GFI LANguard N.S.S. enumerates all shares on your network, including administrative shares (C$, D$, ADMIN$) and printer shares. Using this feature you can:

  • Check whether a user is sharing his/her whole drive with other users
  • Prevent anonymous access to shares
  • Ensure that startup folders or similar system files are not shared as this could allow less privileged users to execute code on target machines.

Find unused local users & groups
GFI LANguard N.S.S. also enumerates all local users and groups, and marks user accounts not being used, allowing you to remove the accounts you do not need. It is important to disable all unused accounts and ensure that the used accounts (administrator) have a strong password.

Vulnerabilities database includes Microsoft & UNIX/CGI issues
GFI LANguard N.S.S. automatically updates its security vulnerabilities database by downloading the continuously updated security bulletins XML file from the Microsoft site. This XML file contains the list of security vulnerabilities in Windows platforms and applications. In addition to this, the GFI LANguard N.S.S. security vulnerabilities database is also updated with issues reported to BugTraq. GFI LANguard N.S.S. also audits UNIX issues and cgi vulnerabilities.

Improved Linux/Unix security scanning
GFI LANguard N.S.S. 5 now includes an extensive set of Linux vulnerability checks. More will be added on a continuous basis and will be available via automatic download from the GFI website.

Query generator for scan reports
Because scan reports can include a lot of data, GFI LANguard N.S.S. includes a query generator that allows you to filter the XML scan reports for specific data. For example, you can query a scan result for all machines with shares, or for all machines running FTP servers.

Addition of custom vulnerabilities using scripts/conditions
Administrators can add their own vulnerability checks using conditions, for example, to check for particular registry entries/values. Users can also write complex vulnerability checks using the GFI LANguard N.S.S. VBscript-compatible script engine. GFI LANguard N.S.S. includes a script editor and debugger to help with script development.

Identifies all installed NT/2000/XP services
Disable all services that you do not need! All services running on the scanned machines are listed. Each service can be a potential security risk, so closing/switching off what you do not need automatically reduces the security risk.

Check if auditing is enabled & enable network-wide auditing
GFI LANguard N.S.S. checks if each NT/2000/XP machine has security auditing enabled. If not, GFI LANguard N.S.S. alerts you and permits you to enable auditing remotely. Security event auditing is highly recommended - it allows you to detect intruders in real time. GFI LANguard N.S.S.'s companion product GFI LANguard Security Event Log Monitor (S.E.L.M.) automates network-wide, real time analysis of security events.

Check password policy
GFI LANguard N.S.S. can automatically check password policy for all machines on the network. You can ensure that the password policy is secure, for example, by enabling a maximum password age, password lockout and password history.

Check for programs that run automatically
GFI LANguard N.S.S. can find programs that are automatically launched on a user's workstation. Review these entries carefully for possible Trojans.

HTML/XML reports
GFI LANguard N.S.S. outputs scan results to a graphical HTML report, so that you can print the report and review it easily.

Other features:

  • Scans large networks by sending UDP query status to every IP
  • Lists NETBIOS name table for each responding computer
  • Provides NETBIOS hostname, currently logged username & MAC address
  • Provides a list of shares, users (detailed info), services, sessions, remote TOD (time of day) & registry information from remote computer (NT/2000)
  • Tests password strength on Windows 9x/NT/2000 systems using a dictionary of commonly used passwords
  • SNMP device detection, SNMP Walk for inspecting network devices like routers, network printers...
  • Support for sending spoofed messages (social engineering)
  • DNS lookup (www.somehost.com - > xxx.xxx.xxx.xxx); resolve hostnames (reverse DNS)
  • Trace route support for network mapping
  • Configuration manager so you can easily save particular scans.
  • Security vulnerabilities are now categorized according to importance (high/medium/low)
  • Scan filters allow for easy filtering of scan data
  • More scripts and vulnerabilities; includes top SANS vulnerabilities
  • Scalable back-end: GFI LANguard N.S.S. 5 now uses a Microsoft Access or SQL database for storing scan data; the database makes it easy to create custom reports and perform trending analysis
  • Scan results can be saved to XML for reporting purposes
  • Improved SQL server audit tool
  • New tool to enumerate users.

A detailed list of new features is available at http://kbase.gfi.com/showarticle.asp?id=KBID002051.

About GFI LANguard N.S.S.
GFI LANguard Network Security Scanner (N.S.S.) checks a network for possible security vulnerabilities by scanning the entire network for missing security patches, services packs, open shares, open ports, unused user accounts and more. With this information (displayed in customizable reports), administrators can easily lock down their network against hackers. GFI LANguard N.S.S. can also remotely deploy missing patches and service packs in applications and OS. GFI LANguard N.S.S. is the leading Windows security scanner and very competitively priced. For more information and to download the product, one can visit http://www.gfi.com/lannetscan/.

About GFI
GFI Software Ltd. is a leading provider of network security, content security and messaging software. Key products include the GFI FAXmaker fax server software for Exchange and SMTP servers; GFI MailSecurity email security software for Exchange and SMTP servers; GFI MailEssentials server-based anti-spam software; GFI LANguard Network Security Scanner (N.S.S.) security scanning and patch management software; GFI Network Server Monitor network management software; and GFI LANguard Security Event Log Monitor (S.E.L.M.) that performs network-wide event log management and auditing. Clients include Microsoft, Telstra, Time Warner Cable, Shell Oil Lubricants, NASA, DHL, Caterpillar, BMW, the US IRS, and the USAF. GFI has offices in the US, the UK, Germany, Cyprus, Romania, Australia and Malta, and operates through a worldwide network of distributors. GFI is a Microsoft Gold Certified Partner and has won the Microsoft Fusion (GEM) Packaged Application Partner of the Year award. For more information about GFI, visit http://www.gfi.com.

All product and company names herein may be trademarks of their respective owners.


arrowSearch Advisories

arrowNewsletter

Free weekly Newsletter.

Please enter your email address here:
arrowReport Vulnerability

If you've found a vulnerability please
click here to report it.
arrowPartners

newsnow

About Us | Contact Us | Advertise | email | Backend flag
Copyright © 2016-2017 Security Corporation - All Rights Reserved - Legal - Privacy Policy