The subsequent parts available now are:Allows technicians to take control of an end user’s computer as if they were physically sitting at the keyboard. Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.This is the first in a series about the tools available to implement the SANS Top 20 Security Controls. If you are interested in the effectiveness of DAST tools, check out the OWASP Benchmark project, which is scientifically measuring the effectiveness of all types of vulnerability detection tools. A large number of both commercial and open source tools of this type are available and all of these tools have their own strengths and weaknesses.Angry IP Scanner is an open-source and cross-platform network scanner designed to be fast and simple to use. RAM Capturer by Belkasoft is a free tool to dump the data from computer’s volatile memory. NMAP is supported on most of the operating systems including Windows, Linux, Solaris, MAC OS, HP-UX etc. Part 1 - we look at Inventory of Authorized and Unauthorized Devices.NMAP (Network Mapper) is one of the most popular networks and security auditing tools. It effectively identifies over 200 vulnerabilities, including SQL injections, PHP.Part 4 - we look at Continuous Vulnerability Assessment and Remediation. Part 3 - we look at Secure Configurations. Part 2 - we look at Inventory of Authorized and Unauthorized Software. (GPL) Linux - Windows - MAC OS X
Part 15 - we look at Controlled Access Based on the Need to Know. Part 14 - we look at Maintenance, Monitoring and Analysis of Audit Logs Part 12 - we look at Controlled Use of Administrative Privileges Part 10/11 - we look at Secure Configurations for Network Devices such as Firewalls, Routers, and Switches and Limitation and Control of Network Ports, Protocols and Services. Part 8/9 – we look at Data Recovery and Security Training. Part 7 - we look at Wireless Access Control The controls (ordered 1-20) are in order of importance. Taken directly from SANS, "The Critical Security Controls focuses first on prioritizing security functions that are effective against the latest Advanced Targeted Threats, with a strong emphasis on "What Works" - security controls where products, processes, architectures and services are in use that have demonstrated real world effectiveness." You can read more and view each control here.This series is an effort to compile a list of tools (free and commercial) that can help an IT administrator comply with the Security Controls. If you want standards and procedures, check out the NIST 800 series Special Publications (SP).The controls are recommendations made by leading security experts in information security. Part 18 - 20 we look at Incident Response and Pen TestingThe SANS Top 20 Security Controls are not standards. However, this one product meets the requirements of many controls. AlienVault OSSIM - A bit difficult for new admins starting out. Spiceworks - However, it does not do passive scanning, only active. Both active tools that scan through network address ranges and passive tools that identify hosts based on analyzing their traffic should be employed. Inventory of Authorized and Unauthorized Devices1-1 - Deploy an automated asset inventory discovery tool and use it to build a preliminary asset inventory of systems connected to an organization's public and private network(s). This is in no way meant to be a complete list, therefor I invite you to add tools you find useful to the comment below! Controls1. OpenAudIT - All open source inventorying, and auditing platform. Does support cross platform (Win,Lin,Mac). OCS Inventory NG - Requires an agent on scanned devices. It is hardware that finds literally EVERYTHING in, on, around, or near your network. While there are many commercial applications out there, I wanted to point you to PWNie Express. Can automate and directed discovery and provisioning, event and notification management, service assurance, performance measurement OpenNSM - Open Network Management System has been around since 1999, and brings with it the maturity of a great inventorying solution. ![]() Open Source Software Audit Tools Windows 10 So YouFreeRADIUS & 802.1x - How to setup 802.1x with FreeRADIUS. Just beware that NAP is deprecated in Windows 10 so you will need a 2rd party NAP client. Requires Server, switches, firewall, DHCP, DNS, workstation, WAP configuration. Rate of return for securing devices if deployed correctly = HIGH. Program editor for macGroup Policy for Wireless 802.1x - Group Policy for Wired 802.1x1-6 - Deploy network access control (NAC) to monitor authorized systems so if attacks occur, the impact can be remediated by moving the untrusted system to a virtual local area network that has minimal access. SANS guide to deploy 802.1x - Though Cisco is not free, if you already have Cisco switches, this guide can help get become compliant. No need for a third party. ![]() CounterACT incorporates a comprehensive, high performance host interrogation engine and provides an abundance of information about what is on that network. Forescout - CounterACT gives real-time visibility to users, devices, operating systems and applications that are connected to the network. This is for wired and wireless networks. Rich currently resides in Utah and is probably learning some new interesting thing at this moment. Rich has a bachelor degree in Information Technology, but feels his real knowledge has been gained through hands on experience, exploring security tools, and attending various security conventions.
0 Comments
Leave a Reply. |
AuthorErica ArchivesCategories |