In today’s workplace environment, network administrators need to maintain a constant vigil to protect their corporation’s network resources. As you know, most networks today are connected to the Internet either constantly or on demand via dial-up modems. These connections provide would-be attackers an easy avenue for invading and possibly damaging your network. To guard against unauthorized access, you need to review the state of your network’s security constantly. In this Daily Feature, I’ll introduce you to Atelier’s Web Security Port Scanner (AWSPS) and examine some of the proactive uses you can make of this utility to improve your network’s chances for escaping harm from outside influences.
Where to find the utility
You’ll find the utility in a variety of sites on the Internet, but to ensure you’re getting the latest version, I suggest you make for Atelier’s Web site. From there, you can either download the 15-day free trial version or purchase the Professional level of the utility for somewhere between $30 and $42 for individual licenses and between $75 and $190 for company licenses. I think you’ll quickly decide that the $30 price tag is a real bargain after you’ve loaded the trial version a couple of times on your personal workstation.
To run the utility, your workstation or server should have a 486 or better processor with a minimum of 16 MB of RAM. (Atelier recommends 64 MB.) You need to be running Microsoft Windows 9x or NT/2000. If you’re running Windows 95, you must also load the Windows Sockets 2.0 for Windows 95 Update for the utility to function fully. Of course, you also need to have the TCP/IP protocol configured correctly or you won’t see the rest of your network. The full installation requires a little less than 1 MB of hard drive space. In Figure A, you can see an example of the full-blown Professional version.
Figure A: You can easily examine the workings of your network’s communications with the AWSPS utility.
Finding ways into your network
As you know, you’ll find the TCP/IP and NetBIOS protocols running on just about every networked Intel-based computer in the land. What this means to you is that anyone (and I mean anyone) on the Internet can find an unsecured workstation connected to your network, if they really want to. Each of these protocols uses port assignments to function correctly and deliver the services your client workstations are constantly accessing. Depending on how each protocol’s and port’s options are configured on your corporation’s network, you could be faced with a potential disaster. Your job is to make sure that any potential security holes in each protocol’s use of the available ports are located and plugged. AWSPS provides an assortment of features that enable you to accomplish just that, including an internal database with information on over 5,200 assigned ports. Once activated, the utility delivers information about your network, including the following:
- Packet captures and decodes for Windows 2000 workstations and servers
- Reliable UDP port scans using intelligent probes
- Application port mapping
- Local connections instant report
- Listening ports instant report
- Active routes
- Active DNS servers
- TCP statistics for local ports
- UDP statistics for local ports
- ICMP statistics for local ports
- IP statistics and settings report
- Addressing Information Table from local machine
- Adjustable high-speed TCP Connect scanning engine
What’s my workstation doing?
Ever wonder how your workstation is connected to the Internet and which ports are in use for each open application? If so, you now have a simple method for discovering this information. Just start up your copy of the AWSPS utility and click on the Local tab to view the workings of the workstation on which you’re running the utility, as shown in Figure B.
Figure B: You can view the statistics for your local workstation on this screen.
Once you’ve opened the Local window, as shown in Figure B, click the Lighthouse icon (Ports Finder) located on the left side of the window to start the scan for every open port on your workstation. You may experience a little slowness in your applications while the scan is progressing, but be sure you don’t close any applications while it’s running or you might mess up the scan. When the scan completes its work after a few minutes, you’ll receive the Ports Finder display box, shown in Figure C. If you don’t understand what a particular port is doing, simply click the globe icon directly beneath the Ports Finder to access the Ports Database. This causes the AWSPS Port Information dialog box to appear on your screen. Simply enter the appropriate port number to identify the port’s purpose.
Figure C: You can scan for ports in use on your workstation by open applications or services.
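The same kind of listening-ports check can be scripted. The following is an added example, not part of AWSPS or of the original article: it parses listener rows from text in the `netstat -ano` layout of current Windows versions, looks each port up in a small stand-in port table, and flags network-reachable listeners that are missing from a baseline. The sample output, the port table and the ALLOWED baseline are constructed for illustration.

```python
import re

# Constructed sample in the `netstat -ano` layout of current Windows versions.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING       2210
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     3344
  TCP    [::]:3389              [::]:0                 LISTENING       1100
  UDP    0.0.0.0:137            *:*                                    4
  UDP    0.0.0.0:1900           *:*                                    1520
"""

# Small stand-in for a port database (IANA service names).
PORT_NAMES = {135: "epmap", 137: "netbios-ns", 139: "netbios-ssn",
              445: "microsoft-ds", 1900: "ssdp", 3389: "ms-wbt-server"}

# Hypothetical baseline: listeners this workstation is expected to expose.
ALLOWED = {("TCP", 135), ("TCP", 445), ("UDP", 137)}

ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+\S+\s+(?:(\w+)\s+)?(\d+)\s*$")

def listening_ports(netstat_text):
    """Return TCP sockets in LISTENING state plus every bound UDP socket."""
    found = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, blank line, or unrecognized row
        proto, addr, port, state, pid = m.groups()
        if proto == "TCP" and state != "LISTENING":
            continue  # established/closing connections are not listeners
        addr = addr.strip("[]")  # IPv6 addresses are bracketed
        found.append({"proto": proto, "addr": addr, "port": int(port),
                      "pid": int(pid),
                      "exposed": addr not in ("127.0.0.1", "::1")})
    return found

def audit(listeners, allowed=ALLOWED):
    """Report network-reachable listeners missing from the baseline."""
    return sorted((l["proto"], l["port"], PORT_NAMES.get(l["port"], "unknown"), l["pid"])
                  for l in listeners
                  if l["exposed"] and (l["proto"], l["port"]) not in allowed)

if __name__ == "__main__":
    for proto, port, name, pid in audit(listening_ports(SAMPLE)):
        print(f"UNEXPECTED {proto}/{port} ({name}) owned by PID {pid}")
```

The loopback listener on port 5939 is parsed but not reported, because it is not reachable from the network.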
The overall picture
As you can see, AWSPS offers an impressive array of network diagnostic tools. These tools and the port database, with reports for over 5,000 assigned ports, enable you to watch TCP, UDP, and local network ports in “real time.” Once you’ve sniffed out possible security holes in your existing network, you can fix the configuration behind them and protect your network before it’s hacked by someone with less than good intentions. In my opinion, this tool is a must-have for network administrators and security consultants.