|
AuditPro
for Windows |
|
Windows NT,
2000, 2003 |
Network
Intelligence (I) Pvt. Ltd. |
http://www.nii.co.in/software/apwin.html |
|
AuditPro for
Windows is an agent-less security auditing tool that remotely connects to
Windows NT, 2000 and 2003 servers using Administrator privileges and
carries out a full-fledged policy-based audit to identify mis-configurations,
weak passwords, software installed, NTFS and share permissions, missing
patches, and other vulnerabilities. The detailed report contains the risks
associated with each of the discovered vulnerabilities, and
countermeasures to protect your servers. |
|
COMMERCIAL
|
Information Updated: 19 Aug 2004
|
|
|
|
Agent : NT
|
Bindview 5151
San Felipe |
Suite 2100 |
Houston, TX |
77056 |
USA
|
http://bindview.com/products
/bv-admin/win32admin.html
|
bv-Admin solves the challenges associated
with managing users and their associated resources in a Windows-focused
and/or multi-platform IT enterprise. A comprehensive, integrated
directory management solution, bv-Admin streamlines the administration
of resources across Windows NT domains and Windows 2000 domains, trees
and forests. With bv-Admin's unique role-based delegation,
administrators can group discrete management tasks into roles and assign
these roles to trustees to delegate precisely the amount of authority
each trustee needs. bv-Admin is the easy way to get the most from Active
Directory.
|
|
COMMERCIAL
|
Information
Updated: 05 Nov 2000
|
|
|
|
Agent : NT
|
Bindview 5151
San Felipe |
Suite 2100 |
Houston, TX |
77056 |
USA
|
http://bindview.com/products/bv-admin/ndsadmin.html
|
|
bv-control for
Netware, administer and secure your NetWare servers enterprise-wide. A
comprehensive security and systems management solution, bv-Control for
NetWare pinpoints and corrects risks to the health and integrity of your
NetWare server's parameters and the NetWare file system. BindView's
exclusive ActiveAdmin technology enables customers to close security holes
and enforce standards across the entire enterprise
bv-control for NDS is the easiest way to administer and secure your
NDS enterprise. A comprehensive security and systems management solution,
bv-Control for NDS pinpoints and corrects risks to the health and
integrity of all NDS objects and their associated security configurations.
BindView's exclusive ActiveAdmin technology enables customers to close
security holes and enforce security policies across the enterprise.
|
|
COMMERCIAL
|
Information
Updated: 30 Jul 2000
|
|
 |
|
|
|
Agent : NT
|
Bindview 5151
San Felipe |
Suite 2100 |
Houston, TX |
77056 |
USA
|
http://bindview.com/products/bv-admin/exchadmin.html
|
bv-Control for Microsoft Exchange is an IT
risk management solution that effectively pinpoints and identifies risks
to the health and integrity of Microsoft Exchange environments. It
delivers comprehensive configuration, security, administrative and
availability management for Microsoft Exchange through a central
Microsoft®Management Console without deploying technology on
every machine.
bv-Control for Microsoft Exchange ensures high availability and
performance of Microsoft Exchange environments. Constantly monitoring
the health and efficiency of the Microsoft Exchange environment,bv-Control
for Microsoft Exchange issues alerts to administrators before users
experience system downtime and performance issues. Service levels are
maintained by allowing administrators to effectively pinpoint and
proactively correct problems from a central console.
|
|
COMMERCIAL
|
Information
Updated: 30 Jul 2000
|
|
Centrax
(formerly eNTrax)
Appears to be Ceased 02 Nov 03
|
|
Agent:
Console: Win32
|
CyberSafe Corporation, Issaquah, WA
|
http://www.cybersafe.com/centrax24/index.html
|
|
Centrax
provides vulnerability assessment of security holes based on a predefined
level of preferred security. The following are configuration weaknesses
that can be detected:
Administrative: Indicates the
number of users and percentage of users with administrative privilege.
Legal Notice: Indicates the lack of a legal notice.
Partitions: Indicates drive partitions as either NTFS or FAT.
Passwords: Indicates password policies: force logout after (minutes),
lockout after (bad attempts), lockout duration (minutes), maximum password
age (days), minimum password age (days), minimum password length
(characters), password uniqueness (number), and reset count after
(minutes).
Screen Saver: Indicates if a screen saver is used, if a password is used,
and the timeout in minutes.
Security Posture: Provides a summary of recommended changes to improve
overall security as well as a summary description of the percentage of
users with administrative privileges, percentage of users with a poor
password account policy, legal notice indication, percentage of users with
locking screen savers, and existence of FAT partitions.
|
|
COMMERCIAL
|
Information Updated: 30 Jul 2000
|
|
|
|
Cerberus'
Internet Scanner
|
|
Win NT/2000
|
Cerberus Security Team
|
http://www.cerberus-infosec.co.uk/cis.shtml
|
|
Takes a modular approach. Each scan module is
implemented as a DLL so when an update to a particular module occurs the
user only needs to download the updated DLL. Added to this the user can
choose which modules they want to run.
Comprehensive - pushing around 300 checks. As far as scanning web servers
goes CIS is one of the best. When compared against the market leading
scanners CIS usually finds more security issues.
Hidden Command line capability - run scans in the background. This means
that if a user wants to scan a large number of hosts they can implement
this in a batch file and once a scan has started control is returned to
the command prompt so the next and subsequent scans can start immediatley.
C:\CIS\>cis host
Scan modules include WWW, SQL, ftp, various NT checks, SMTP, POP3, DNS,
finger and more
Backed by one of the World's best security teams, the CST (Cerberus
Security Team).
Reports generated are HTML based with hyper-text links to more
information
Easy to use Graphical User Interface
Multi-threaded so scan time is minimized.
Light on memory usage
Updated on a very regular basis
|
|
FREEWARE
|
Information Updated:
16 Oct 2000
|
|
CyberCop Scanner
|
|
Agent/Sentry:
Win32 or Linux
|
Network Associates, Inc
|
http://www.pgp.com/products/cybercop-scanner/default.asp
|
|
CyberCop Scanner identifies security holes to prevent
intruders from accessing your mission-critical data. It unveils
weaknesses, validates policies and enforces corporate security strategies.
It tests NT and UNIX workstations, servers, hubs and switches and performs
thorough perimeter audits of firewalls and routers. CyberCop Scanner
combines powerful architecture and comprehensive security data to make
your e-business security certain.
-
Validates the effectiveness of your security systems
and policies.
-
Ensures that your systems have been tested with the
most complete list of security checks available.
-
Provides in-depth
assessment details to help you strengthen your network security
|
|
COMMERCIAL
|
Information Updated: 05
Nov 2000
|
|
|
|
Cybersight
|
|
Win32
|
Cryptic Software Ltd
|
www.cybersight.co.uk
|
|
Host file scanner
It is based on an engine which has to date indexed over 5,000 different
threats which fall
into 240 categories. Our engine will also analyse any executables for
thousands of hacking tools and threats not recognised by existing methods
even those inside compressed and encrypted files reporting back if
they contain capabilities which could be misused. An agent is
deployed on each PC around the network, and any new threats which are
detected are reported back to the central event console immediately they
are found. If a new malicious/suspect file is discovered the central
console can notify outlying agents to check for them. There is also a
plug-in for MimeSweeper, which allows any incoming threats to be
detected, even if they are wrapped, compressed.
|
|
COMMERCIAL
|
Information Updated:
25 Aug 2000
|
|
Enterprise Security Manager
|
|
|
Symantec
|
|
|
automates the discovery of security
vulnerabilities and deviations of the security policy in mission critical
e-Business applications and servers across the enterprise from a single
location. It provides enterprise-class tools that allow administrators to
create security baselines for every system on the network and measure
performance against those baselines to ensure that devices are properly
configured and being used in accordance with policies. With its tools,
administrators can quickly and cost effectively create and manage online
security policies and user-defined security domains, identify systems that
are not in compliance, and correct faulty security settings on systems at
any location to bring them back into compliance.
|
|
COMMERCIAL
|
Information Updated:
30 Jul 2000
|
|
eTrust Policy Compliance
|
|
Agents: NT, Unix, VAX/VMS, SyBase,
Oracle
Console: NT, Unix, Vax/VMS,
|
Computer Associates
|
http://www.cai.com/solutions/
enterprise/etrust/policy_compliance/
|
|
Companies
need to implement vulnerability assessment tools, develop and enforce enterprise-wide
security policies, and provide appropriate audit-ready documentation. eTrust
Policy Compliance enables organizations to prepare against unauthorized
usage or attacks by:
Identifying potential weak points in an organization’s security policies.
eTrust Policy Compliance will identify, for example, policies that do not
specify exact read/write rights for a file.
Automatically generating appropriate corrections. By creating a script to
fix identified vulnerabilities and policy breaches, eTrust Policy Compliance
helps you respond without delay. DOES NOT FIX NT
Monitoring the network of systems and databases on an ongoing basis. eTrust
Policy Compliance immediately identifies systems that have security-related
changes and generates audit reports.
|
|
COMMERCIAL
|
Information Updated: 06 Mar 2000
|
|
|
|
ForixNT
Website Down 02 Nov 03
|
|
NT
- NT host is agentless
|
Forix Business Solutions
|
http://www.forixnt.com/
|
|
ForixNT is a flexible,
extensible toolkit that NT administrators can use to automate policy-based
security management in a way that fits their infrastructure. NT
administrators can use ForixNT to collect configuration information from
NT systems across the enterprise.
-
Centralized.
NT administrators can run ForixNT from a single, central location.
However, due to the design of ForixNT, NT admins are not limited in
any way...ForixNT can be run in a distributed fashion, just as easily.
-
Agentless. No software of
any kind needs to be loaded on the systems being examined by ForixNT.
NT administrators can retrieve information, and with the updated
ForixNT, modify that information, from a single, central location.
-
Flexible. Due to ForixNT's
modular design, driver scripts can be configured to perform specific
scans without having to perform all scans. For example, an NT
administrator can run complete scans on all machines, and then get the
permissions (ACLs) on application files from specific servers.
-
Easily updated. ForixNT
keeps lists of objects it queries (Registry keys for ACLs and values,
files and directories for ACLs, etc) in flat files. That way, an NT
administrator can quickly and easily update or modify the lists to
suit her needs.
-
Unlimited. When you
purchase ForixNT, there is no limit on the number of systems that can
be scanned or the number of times systems can be scanned.
|
|
COMMERCIAL
|
Information
Updated:5 Nov 2000
|
|
ISS System Scanner
|
|
Agents: NT or Unix
Console: NT or Solaris
|
Internet Security Systems, Inc.,
Atlanta, Georgia
|
http://www.iss.net/securing_e-business
/security_products/security_assessment
/system_scanner/index.php
|
|
System Scanner™
searches deep into your online operation to provide a host-based security
assessment that targets security weaknesses undetectable through network
scanning. While the Internet Scanner determines vulnerabilities by
scanning devices at the network level, System Scanner detects internal
vulnerabilities at the system level through a wide variety of cross
platform agents that reside on each system. These agents allow a security
policy to be implemented, managed, and controlled across an entire
enterprise from a centralized point. System Scanner prioritizes security
risk based on relative severity, and having secured the system, it locks
down the configuration with a digital fingerprint - making it easier to
detect unauthorized tampering. System Scanner agents are available for
both Windows NT and many UNIX platforms.
|
|
COMMERCIAL
|
Information
Updated:05 Nov 2000
|
|
|
|
NetPulse
2000
|
|
NT4
Win2000
target host is agentless
|
Labcal Technologies Inc
|
http://www.labcal.com/netpulse2000.php3
|
|
After the security policy is defined, NetPulse
can assess the security settings against the security policy for all the
networked Windows NT machines accessible to the Windows NT workstation or
server where NetPulse is installed. During the analysis of the assessment
results, any security settings that do not match the requirements of the
established security policy can be remotely corrected through NetPulse.
NetPulse's powerful report manager utility allows assessment results to be
printed using predefined or user-defined report formats.
Strengthen the security posture of a Windows NT computing
environment and its network resources.
Ease the implementation of security within a Windows NT
computing environment. NetPulse reduces the total effort required and
therefore assures a minimal product payback period.
Centralize management of security performed by a single
installation of the software application. There is no need to install
software agents on any of the Windows NT machines assessed by NetPulse.
Enable non-Windows NT security experts to effectively use and
learn from the NetPulse tool. NetPulse's intuitive user interface and
context sensitive help relax the requirement for a Windows NT security
expert to implement and manage security.
Improve security analysis and reporting.
|
|
COMMERCIAL
|
Information
Updated:05 Nov 2000
|
|
Security
CeNTer
|
|
Agents: NT
|
DataLynx Inc
|
http://www.dlxguard.com/products.htm
|
|
Security
CeNTer for Windows NT™ offers security management, policy compliance,
auditing, real-time response, and more. You can define an
auto-response to particular security events as they happen.
'Auto-discover' allows you to determine and monitor the operational state
of all your NT servers. Here's the biggie: Security CeNTer is NOT
agent based! Here's the OTHER biggie: Security CeNTer can do
all this WITHOUT IMPACTING SYSTEM PERFORMANCE !
|
|
COMMERCIAL
|
Information Updated:10 Jun 2000
|
|
|
|
SecurityExpressions
|
|
NT
- NT host is agentless
|
Pedestal Software
|
http://www.pedestalsoftware.com
/secexp/index.htm
|
|
SecurityExpressions
enables administrators to quickly and effectively lock down Windows NT and
Windows 2000 machines using custom-built or industry-standard security
policy guidelines such as those developed by Microsoft, NSA, SANS and
others. SecurityExpressions provides a powerful query language for
locating users, groups and files with specific security
profiles.SecurityExpressions provides compliance testing and reporting out
of the box. For example, by loading the included Microsoft Security White
Paper policy file, you can scan any machine on your network to see how it
complies. Using the tree-based interface, you can browse results on the
screen and manually or automatically correct deviations. Printed and HTML
reports document non-compliance items.
|
|
COMMERCIAL
|
Information Updated:12 Jul 2000
|
|
TARA
|
|
Red Hat Version 5.x, 6.x,
SGI IRIX 5.3, 6.x
SunOS 5.x.
|
Advanced Research Corporation
|
http://www.www-arc.com/tara/index.shtml
|
|
tiger is a set of scripts that scan a Un*x system
looking for security problems, in the same fashion as Dan Farmer's COPS.
'tiger' was originally developed to provide a check of UNIX systems on the
A&M campus that want to be accessed from off campus (clearance through
the packet filter). As such, we needed something that *anyone* could run
if they could figure out how to get it down to their machine.
Tiger Analytical Research Assistant (TARA) is an upgrade to the TAMU
'tiger' program. Since 'tiger' has not been updated since 1994, there were
numerous changes made to the 'systems' directories. Output was streamlined
to provide a more readable report file. Also, minor bugs in the 'scripts'
directory were corrected.
|
|
FREEWARE
|
Information
Updated:07 Jan 2001
|
|
|
|
VigilEnt
|
|
Agents: Windows
NT/2000,
IBM AS/400, UNIX, Linux, and Web servers Apache, Netscape, and IIS
|
Pentasafe Security Technologies Inc
|
http://www.pentasafe.com/products/VigilEnt.htm
|
|
The VigilEnt Security Management Solution is the first
solution in the market that can audit, secure and detect across a
heterogeneous environment from one common point of control. VigilEnt
is focused on securing the infrastructure that supports the e-business
applications of a corporation
Systems, events, and settings: Audit settings, password and
account policies, and physical configuration
Users and groups: Profile settings, password strength, group
membership, user and group rights, and detailed log on information
Files and directories: File permissions, file ownership, and
space used by owner
Internet and networking: TCP/IP filtering, RAS services,
hidden and administrative shares, vulnerable network services
Applications and Services: System services reporting and
management
|
|
COMMERCIAL
|
Information
Updated:21 Jul 2000
|
|
WebTrends
|
|
firewalls, routers, Windows 95/
98/ NT/ 2000 and UNIX systems and services
|
WebTrends Corporation
|
http://www.netiq.com/solutions/security/vulnerability.asp
|
|
WebTrends Security Analyzer discovers and
fixes the latest known security vulnerabilities on Internet, intranet and
extranet hosts. Currently Security Analyzer supports over 1000 tests for
Windows, Solaris and Linux with the most advanced agent-based technology
available. Systems are analyzed on demand or at scheduled intervals,
allowing prioritization and comparative reports to be generated including
recommended fixes that resolve possible threats. The built-in AutoSync
technology seamlessly updates WebTrends Security Analyzer with the latest
security tests for the most complete and current vulnerability analysis
available
VigilEnt
Security Manager Suite provides compliance with policies and standards as
well as the identification of vulnerabilities. Leverage a flexible,
scalable n-tier architecture to ensure minimal impact on your servers and
network, with both agents and agent-less implementations possible.
Generate scored checkup assessments, make flexible queries, and take user
and configuration actions on operating systems, databases, and web servers
to ensure policy compliance, identify vulnerabilities and enumerate
missing patches.
|
|
COMMERCIAL
|
Information Updated:02 Nov 2003
|
|
Last page update: 06
Sep 2007 |
|
Computer Network Defence Ltd
Information Security Consultancy and Recruiting
enquiries@securitywizardry.com
Copyright © 2004 Computer
Network Defence Ltd. All Rights Reserved.
|
PO Box 2680, Corsham, Wiltshire, SN13 0ZR, UK
Phone 0870 3219014
International +44 (0) 1225 811806
|
|
