Solved

How to prepare for internal security audit?

Posted on 2011-03-17
1
507 Views
Last Modified: 2012-05-11
Hello,

We are having an internal audit completed in several weeks. I was wondering what types of free or functional trial software I can use to scan my network for various weak entries, open shares, blank passwords on routers, sql, etc? We are wired only and no wireless.

They do two types of internal audits i'm mostly concerned with preparing for. The first is we give them access to our network as an end user and the second is when they find a random port then they try to gain access. What they won't do is sniff our network traffic for passwords.

We've done all the easy basic things like full disk encryption, usb lock, port lock downs, firewalls, anti virus on pc's. I'm looking for something that will go out on my network to find something more!

Unfortunately, I haven't implemented a DLP (Data Loss Prevention) system. That isn't scheduled to go live for another month or two.
0
Comment
Question by:First Last
1 Comment
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 35161381
Biggest thing I've seen on audits is on the ASA/PIX interface itself, not restricted to SSLV3 only. SSl v1/2 is default for SSH and HTTPS to manage the device itself. Be sure to set it to SSLV3 only before the audit...
Otherwise, get NMAP and run it internally..
0

Featured Post

Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
A customer recently asked me about anti-malware and the different deployment options available for his business. Daily news about cyberattacks, zero-day vulnerabilities, and companies that suffered a security breach made him wonder if the endpoint a…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now