security assessment tools paula kiernan senior consultant ward solutions
TRANSCRIPT
Security Assessment Tools
Paula Kiernan
Senior Consultant
Ward Solutions
Session Prerequisites
Hands-on experience with Windows 2000 or Windows Server 2003
Working knowledge of networking, including basics of security
Basic knowledge of network security-assessment strategies
Level 200
Session Overview
Free Security Assessment Tools from Microsoft
Alternative Assessment Methods
Security Assessment Tools
Free Security Assessment Tools from Microsoft
Alternative Assessment Methods
Free Security Assessment Tools
Free Security Assessment Tools from Microsoft include:Free Security Assessment Tools from Microsoft include:
MBSA Microsoft UpdateExBPAMSRSATPort Query
MBSA Microsoft UpdateExBPAMSRSATPort Query
MBSA
Microsoft Baseline Security Analyzer can examine one or more computers for the following:Microsoft Baseline Security Analyzer can examine one or more computers for the following:
Missing Security Updates Missing Office UpdatesVulnerabilities in Windows, IIS, SQL and Exchange (depending on MBSA version)Vulnerabilities in Internet ExplorerWeak passwords, Auditing, Sharesand much more…
Missing Security Updates Missing Office UpdatesVulnerabilities in Windows, IIS, SQL and Exchange (depending on MBSA version)Vulnerabilities in Internet ExplorerWeak passwords, Auditing, Sharesand much more…
http://download.microsoft.comhttp://download.microsoft.com
Demonstration 1: Using the MBSA
Analyze a computer using the MBSA
Microsoft Update
Main site for obtaining updates for:
Windows
Office
Internet Explorer
All other Microsoft applications
Will replace Windows and Office Update sites
http://update.microsoft.com/microsoftupdate/http://update.microsoft.com/microsoftupdate/
Exchange Best Practices Analyzer
ExBPA can examine your Exchange servers to:ExBPA can examine your Exchange servers to:
Generate a list of issues, such as misconfigurations or unsupported or non-recommended optionsGenerate a list of issues, such as misconfigurations or unsupported or non-recommended options
Judge the general health of a systemJudge the general health of a system
Help troubleshoot specific problemsHelp troubleshoot specific problems
http://download.microsoft.comhttp://download.microsoft.com
Demonstration 2: Analyzing Configuration Settings on Exchange Server 2003
Analyze Exchange Server using the ExBPA Tool
MSRSAT
Microsofts’ Security Risk Self-Assessment Tool:Microsofts’ Security Risk Self-Assessment Tool:
Assess compliance with Microsoft Security Risk Management Discipline guidelinesAssess compliance with Microsoft Security Risk Management Discipline guidelines
Baseline for assessing security status of an organizationBaseline for assessing security status of an organization
Obtain advice on areas requiring improvement that may otherwise have been missedObtain advice on areas requiring improvement that may otherwise have been missed
Demonstration 3: Using the MSRSAT
Using the MSRSA tool
Port Query
Port Query can be used to:Port Query can be used to:
Examine specified ports to determine their stateLISTENINGFILTEREDNOT LISTENING
PortqryUI.exePortqry.exe
Examine specified ports to determine their stateLISTENINGFILTEREDNOT LISTENING
PortqryUI.exePortqry.exe
portqry -n microsoft.com -p tcp -e 25 portqry -n 169.254.0.11 -p tcp -o 143,110,25 -l portqry.txtportqry -n microsoft.com -p tcp -e 25 portqry -n 169.254.0.11 -p tcp -o 143,110,25 -l portqry.txt
Port Query UI
Demonstration 4: Using the Port Query UI
Analyze a computer using Port Query
Other Free Security Assessment Tools
Other free software available from Microsoft:Other free software available from Microsoft:
Malicious Software Removal ToolWindows AntiSpyware (in Beta)Application Threat Modeling Tool
Malicious Software Removal ToolWindows AntiSpyware (in Beta)Application Threat Modeling Tool
Malicious Software Removal Tool
Demonstration 5: Using the Malicious Software Removal Tool
Analyze a computer using MSRT
Security Assessment Tools
Free Security Assessment Tools from Microsoft
Alternative Security Assessment Methods
Alternative Security Assessment Methods
Other methods for assessing your network security include:Other methods for assessing your network security include:
Purchase advanced security assessment tools e.g. NetIQs’ Vulnerability ManagerHave a professional Penetration Test carried out by security experts
Purchase advanced security assessment tools e.g. NetIQs’ Vulnerability ManagerHave a professional Penetration Test carried out by security experts
Session Summary
Take advantage of the free security assessment tools from MicrosoftTake advantage of the free security assessment tools from Microsoft
Check http://download.microsoft.com/ regularly for new free toolsCheck http://download.microsoft.com/ regularly for new free tools
Sign up for the Security Bulletin service from MicrosoftSign up for the Security Bulletin service from Microsoft
Follow a Defense in Depth approach to security and security assessmentsFollow a Defense in Depth approach to security and security assessments
Keep systems up-to-date on security updates and service packsKeep systems up-to-date on security updates and service packs
Next Steps
Find additional security training events:http://www.microsoft.com/ireland/events/default.asp
Sign up for security communications:http://www.microsoft.com/technet/security/signup/default.mspx
Find additional e-learning clinicshttps://www.microsoftelearning.com/security/
Find additional tools and downloads:http://download.microsoft.com
Questions and Answers Clinic
Security Clinic Questions
Patch Management
Anti-Virus
Firewalls and Perimeter Security
Server Hardening
Group Policy
Security Assessment
Policies and Procedures
