Penetration Testing mailing list archives
Re: Auditing Firewalls
From: Javier Fernández-Sanguino <jfernandez () germinus com>
Date: Fri, 14 Dec 2007 15:52:40 +0100
Gleb Paharenko <gpaharenko () gmail com> ha escrito:
Hi. I've found audit scripts is very useful not even for security checks, but for gathering info from audited system. It is easier to make baselines also. Can somebody provide more links to good audit scripts, especially for windows. Did somebody compare solaris scripts with JASS, and windows staff with MBSA? Did someone give a shot to cscript instead of batch files?
Well, I've always used the Audit script for Windows I wrote back some years ago (http://cvs.savannah.nongnu.org/viewvc/tiger/audit/audit_windows.bat?root=tiger&view=markup).
Unlike MBSA or CIsecurity's scripts, that audit script only gathers information, it is up to you to analyse it and infer issues. It also depends on some external tools (specially Sysinternals') to extract more data from the system than the data available with the OS tools.
A quick search in Google for other audit scripts brings up http://www.open-audit.org/. As part of their audit scripts they provide some Visual Basic scripts (that can use cscript) to extract system information.
Regards Javier ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Auditing Firewalls ahgaber_rehan (Dec 06)
- Re: Auditing Firewalls Gleb Paharenko (Dec 10)
- Re: Auditing Firewalls Javier Reyna Padilla (Dec 12)
- Re: Auditing Firewalls Javier Fernández-Sanguino (Dec 13)
- Re: Auditing Firewalls Gleb Paharenko (Dec 14)
- Re: Auditing Firewalls Javier Fernández-Sanguino (Dec 14)
- Re: Auditing Firewalls Gleb Paharenko (Dec 14)
- <Possible follow-ups>
- Re: Auditing Firewalls eladexposed (Dec 14)