General discussion

Locked

IT Audit Tools Needed

By jkdunne ·
Hi all,
I'm looking for a tool to help us in carrying out our Audits. Functionality we require for the software includes ability to:

Extract information from the system configuration of the operating system in both Windows and UNIX

Extract user and password information from the server.

Extract information on vulnerabilities from the server (e.g. Windows updates not set to automatically download and install.

Extract information on the configuration of the Database (Oracle, MS SQL)

Extract information on file permissions.

I would appreciate it if anyone could point me towards any products that may carry out any of the functionality described.

Thanks

This conversation is currently closed to new comments.

11 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

You just about has me there until

by NOW LEFT TR In reply to IT Audit Tools Needed

"Extract user and password information from the server"

This would require cracking the passwords - somthing which I will not tell you how to do.

Collapse -

IT Audit Tools

by jkdunne In reply to You just about has me the ...

Hey, I'm not looking to crack passwords. I'm looking for applications that give information on password policies, user rights etc. If I wanted password dumpers i'd just get the likes of pwdump, l0phtcrack, cain etc. but they don't do what I want.

Collapse -

My mistake

by NOW LEFT TR In reply to IT Audit Tools

was the way I picked up the post.

Collapse -

I kind of read it the same way too jk

by DanLM In reply to IT Audit Tools

If you wouldn't have followed up with Tech, I wouldn't have know exactly what you meant.

Dan

Collapse -

No hard feelings

by jkdunne In reply to I kind of read it the sam ...

No worries lads. Just a pain in the *** of an assignment. I think my boss wants a miracle piece of software that'll do the whole job for us. Found a piece of software called AuditExpress that does some of what I need but still looking.

My search continues......

Collapse -

IT Tools

by rgr_b_smith In reply to No hard feelings

I use a product called DameWare that allows me to export the user information you described. In the export utility you will have a list of users, and the last time their password was changed (in a csv or xml format).

You can also get information on the server shares and what groups are assigned access to them.

For Windows vulnerabilites, you can run the hfnetchk utility. After you download the app, you can make a simple batch file that will poll and dump the data:

@echo off

REM =====================================================================================
REM
REM Sets default starting location, and sets string for file name (yyyy/mm/dd)
REM
REM =====================================================================================


REM @echo What is today's date (YYYY.MM.DD) ENTER..

REM set /p name=

cd \

REM =====================================================================================
REM
REM SETS <SERVER> LOG DIRECTORY. USED TO DELETE OLD LOG FILE
REM
REM =====================================================================================

cd logs\<SERVERNAME>\
del *.txt

REM =====================================================================================
REM
REM CREATES AN INDIVIDUAL TXT FILE FOR EACH SERVER
REM
REM =====================================================================================

cd\
cd progra~1\mida86~1\

mbsacli.exe /hf -v -i <IP_ADDRESS> -u <USERNAME> -p <PASSWORD> -f c:\LOGS\<SERVER>\<SERVER>.<IP_ADDRESS>.txt

REM =====================================================================================
REM
REM This command is used to zip the contents of the c:\logs\<SERVER> directory into a
REM zip file named <date mm.dd.yy>.zip
REM
REM =====================================================================================

wzzip "c:\logs\<SERVER>\<SERVER> - %name%.zip" c:\logs\<SERVER>\*.txt -pr

REM =====================================================================================
REM
REM This command is used to move the last zipped up file to the archive section.
REM
REM =====================================================================================

move /Y c:\logs\<SERVER>\*.zip c:\logs\<SERVER>\old_logs\

--------------

I implicitly name and IP above so I can track multiple servers inside and outside the domain.

I'm not a PERL or scripter, I like to stay simple for me with batch files.

Good luck.

Collapse -

SecurityExpressions

by jtnieves In reply to No hard feelings

My company uses SecurityExpressions which is made by the same outfit (Altiris -- formerly, Pedestal Software) for this purpose. We use it for both Windows and UNIX systems. It's agent-less and customizable.

http://www.altiris.com/Products/SecurityExpressions.aspx

Good luck in your search.

Collapse -

IT Audit Tools Needed

by terry.pudwell In reply to IT Audit Tools Needed

Hi,

I can't tell from your posting if you're only looking for freeware audit tools, but a commercial product with hundreds of major enterprise customers all over the world is Assuria Auditor, from Assuria Ltd (www.assuria.com).

It delivers comprehensive vulnerability assessment, configuration assurance, compliance monitoring (eg SOX) and change monitoring on Unix, Linux and Windows platforms, with Oracle Db security configuration checks also about to be delivered.

Regards

Collapse -

IT audit Tool - Free and trials versions

by thebert In reply to IT Audit Tools Needed

best IT audit tool that I've come by is auditor pro from ecora - www.ecora.com - hundreds of reports out of the box - across 18+ platforms/apss/OS's. enables centralized management, auditing, reporting and change identification of configurations in virtually all operating systems, database management systems, applications and network devices. worth a look

Collapse -

IT Audit Tools Required

by Bruce.Murphy In reply to IT Audit Tools Needed

There are several tools that are available. You might looks at the following and most of these allow a 30 day download for evaluation purposes.

I also use Dameware and it is okay for looking at various parts of the system and performing some of the audits you are looking at.

Retina Scanner http://www.eeye.com/html/index.html
Nessus Scanner http://www.nessus.org/nessus/
GFI Security Scanner http://www.gfi.com
Sekchek Tools http://www.sekchek.com/
Other Tools http://www.insecure.org

Back to Networks Forum
11 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums