  • #2278856

    NETWORK AUDIT

    by rezuma ·

    Hi everybody,

    I am an IT consultant (I just started as an independent consultant), I am confident in my knowledge solving problems.
    Can anybody recommend me a book or online paper about the steps to follow when auditing a network? I have a new client who wants me to solve the few problems that they have and also to do a report of things that could be improved. It is a Windows 2000/2003 network with several satellite offices, so I know that I should check router, AD sites configuration, etc. I know already things I would have to check, but I am wondering if there is a book or paper that gives you an organized step by step of things to do when auditing a network… I could work on my own protocol of auditing a network but I would prefer to see if somebody has already done this.

    Thank you very much

    Rezuma

All Comments

    • #2721474

      NIST

      by tjbaum ·

      In reply to NETWORK AUDIT

      http://www.nist.gov is a great source.

      • #2721539

        Classic consultant .. start from the business

        by mrtibbs ·

        In reply to NIST

        What does the company need? How critical is the IT? If you look at the IT from a business perspective rather than a technical challenge you can assign priorities, risk exposure and real value to your recommendations.
        Remember to check with the client that this work is really wanted .. maybe they just want someone to ‘fix their lan’

        Also check http://www.sans.org and http://www.giac.com

        • #3306262

          define the audit

          by bzachary ·

          In reply to Classic consultant .. start from the business

          The first thing I normally do is define the audit. Do they want a software/hardware audit? Do they need things like hd/ram/os? Is this more of a pen. test (ports/firewall config etc.)?

          Define the critical areas of data. Users, Accting files, SQL db, whatever. Then find out who ‘owns’ or is in charge of that data. This will help you define your criteria.

          If all you are looking for is a simple hw/sw, grab some of the low end software apps and you can get a quick snapshot. Ask the customer to purchase the software required as it is theirs to keep.

        • #3306222

          Define Audit & Get Buy-In on Scope

          by amay_alias ·

          In reply to define the audit

          You have already received good feedback from the two earlier respondents. (Biz needs and definition of body of work)

          Define the scope of your Audit, ‘what it will cover’ (i.e., what will be delivered), and ‘what it will not cover’.

          Get buy-in from your client on your proposed direction. (Your work might include doing a topology map, (Visio is fine for this exercise), of hw, networking and software), defining user group(s), monitoring / redundancy / security rendered under deployed architecture and the resources required to maintain the ‘As Is’ configuration.

          Then you can get to work showing off how you can improve their setup AFTER your client imparts a clear vision of their IT needs as it supports their core business and their plans for growth in the near future. Be sure to contemplate ROI considerations before you make recommendations to change their existing real estate.

          Good luck!
          Allison

        • #3306978

          Penetration Testing et al

          by svandermolen ·

          In reply to Define Audit & Get Buy-In on Scope

          If penetration testing is defined as being in scope, it would be a good idea to have the proper legal documentation, especially if they want you to test against denial of service attacks.

          You should also get them to define whether or not the IT department will be aware of the security audit. Part of the audit might be to test response strategies, where only a few people are in-the-know.

    • #3306192

      Use free monitoring tool

      by firehorse3971 ·

      In reply to NETWORK AUDIT

      You can download a free monitoring tool called Nagios (URL: http://www.nagios.com) and install it on a Linux server to perform detailed service monitoring.
      Besides, you can also download a security scanner (URL: http://www.nexus.com).

    • #3306081

      Try these links

      by Jay Garmon ·

      In reply to NETWORK AUDIT

      Making IT Work: How Often Should I Audit My Network?
      http://itpapers.techrepublic.com/abstract.aspx?docid=87227

      A simple chart for IT audits and security efforts
      http://techrepublic.com.com/5100-6298_11-1060378.html

      Audit Win2K services and security with Subinacl
      http://techrepublic.com.com/5100-6268_11-1051004.html

      Conduct an internal and external security audit
      http://techrepublic.com.com/5100-6264_11-1058963.html

      Final step in security audit process
      http://techrepublic.com.com/5100-6329_11-1051365.html

      Use LANguard to scan and audit network security
      http://techrepublic.com.com/5100-6265_11-1058208.html

      Members know their Windows 2000 local file and folder auditing basics
      http://techrepublic.com.com/5100-6270_11-5034634.html

      How to audit file and folder access to improve Windows 2000 Pro security
      http://techrepublic.com.com/5100-6270_11-5034308.html

      Cleaning up a predecessor’s messy network
      http://techrepublic.com.com/5100-6263_11-1054652.html

      There are also a good number of articles on our subscription site, TechProGuild:

      Create a Windows 2000 audit policy
      http://techrepublic.com.com/5100-6345_11-1046917.html

      Know what’s happening on your Windows 2000 server with auditing
      http://techrepublic.com.com/5100-6345_11-1056939.html

      Expose holes in your network by using the tools of the hacker trade
      http://techrepublic.com.com/5100-6345_11-1056955.html

      Compare your server’s security with the Consensus Baseline Security Settings
      http://techrepublic.com.com/5100-6345_11-5031626.html

      Auditing resources on Windows 2000 Professional, part 3
      http://techrepublic.com.com/5100-6346_11-5033684.html

      Auditing 101: What’s happening on your network?
      http://techrepublic.com.com/5100-6345_11-5033789.html

    • #3306905

      Reply To: NETWORK AUDIT

      by gaynor ·

      In reply to NETWORK AUDIT

      Hi there
      Try centennial – http://www.centennial.co.uk
      or Belarc http://www.belarc.com

    • #3306674

      Don’t forget the business angle, too…

      by expatjohn ·

      In reply to NETWORK AUDIT

      My two yen here…

      While going through all the techie stuff, it may be a good idea (well, at least, I do this…) to include some business scope in the audit.

      I presume your audience will not be exclusively IT people. Therefore, the audit results would be easier to understand from their point of view if you include some points about asset depreciation, projections of costs for replacement machines/parts/software over the next 12-24 months, etc. Break it down by whatever category is convenient (i.e. function, department, satellite office location, etc.). It will be a good bonus to put in because A) most IT audits focus only on the tech angle or only on the business angle, but very rarely does one cover both and B) it will show you are aware of costs and are not treating the client like they have a blank check for future IT purchases.

      Cheers,
      John