Transcript is_493_-ashrafyoussef-_modifiedtutorial_3

5.1: LOOK FOR SECURITY EVENTS WITHIN
WINDOWS XP
Logging is automatically enabled for many items on a workstation,
but the log entries are only meaningful if examined.
To view the security events logged on a workstation, follow these
steps:
CONTI…
Choose Start  Run  eventvwr.msc
Within the left frame, click Security. All logged security events
appear.
To gather more information on any logged entry, double-click it.
Exit the Event Viewer.
5.2: SPICEWORKS (ASSETS LISTING)
SpiceWorks is the complete
network management &
monitoring, helpdesk,
PC inventory & software reporting solution to
manage everything IT in small and medium businesses.
In this exercise you will learn how to use this program to do
an inventory on your network,
and be able to list your assets.
CONT…
Follow these steps: (Make sure to follow steps one-by-one don’t go quickly clicking on
next).
After installing “SpiceWork”, click on its icon to run it.
Create your account by filling out your details. And click next.
Click on ‘Start with inventory’.
CONT…
Click ‘Scan my entire network’.
Under “Does the account you are logged into right now have remote
administration privileges to Windows computers on the
network?”
click on “NO”, and enter the user name and password given by the
instructor.
CONTI…
Click on next, and then
click on ‘Start’.
Scan will take time depending on the size of the network,
might take up to 15 minute.
CONTI…
Once scan is completed.
In the left box click on “Network Map”. How your network look like.
Change the view of the network by clicking on “Arrange”; try the
Tree, Hierarchy, and Radial layout.
From the left box click on “inventory”, see how many workstations,
Serves, and other hardware and software you have.
SPICE WORK
ASSETS IN SPICE WORK
NETWORK TOPOLOGY IN SPICE WORK.
5.3: COMPARE YOUR SYSTEM TO A SECURITY
TEMPLATE
You must be logged in as a member of the Administrators group (or
as Administrator) to be able to make this change.
To do so, follow these steps:
Choose Start  Run.
Type mmc and press Enter. This command opens a console window.
CONTI…
Choose File and then
Add/Remove Snap-In.
Beneath Add/Remove Snap-In,
Click Add, and a list of available add-ins appears.
Choose Security Configuration and Analysis and click Add.
Click Close.
Click OK.
CONTI…
Right-click Security Configuration and Analysis and choose Open
Database.
Type in the name of a database you want to create (such as test)
and click Open.
At the prompt to import a template, select ‘hisecws’ and click Open.
CONTI…
Right-click Security Configuration and Analysis and choose Analyze
Computer Now.
At the prompt for an error log file path, click OK to keep the default.
CONTI…
Expand Security Configuration and Analysis and then Password
Policy.
A red circle should appear beside Minimum Password Age (and
likely others),
showing that the computer is not configured as the template is.
To make all settings in the template apply, right-click Security
Configuration and Analysis and choose Configure Computer Now.
CONTI…
Repeat the analysis step, and all settings should now equal those in
the template.
5.4: ZENMAP
Zenmap is the official Nmap Security Scanner GUI, which makes Nmap easy for
beginners to use.
Zenmap is used to gather information about scanned IP or range of IPs.
Zenamp can be helpful in Security Auditing, Finding any “unwanted” people using
your network, creating simple visual diagrams of your network, and more.
In this exercise you will be learning how to use Zenmap to scan a network and
gather information. Follow these steps:
CONTI…
Start Zenmap, by clicking on the icon on your desktop.
In the ‘Target’ field write down your IP address leaving the last number ‘0’, and then
after your IP address directly write ‘/24’. (i.e. if your IP address is 10.131.55.10,
you should write 10.131.55.0/24).
You can find down your IP address from the CMD (ask your instructor).
CONTI…
Leave the ‘profile’ option on ‘intense scan’. And make sure the button ‘Hosts’ is
clicked.
CONTI…
Click on scan.
The left panel will show PCs found in your network and there operating systems.
The right panel will show information about the scanned PCs.
Search through data and find open ports on other PCs.
TUTORIAL DELIVERED BY :
Ashraf Youssef
IS dept.
College of Computer and Information Sciences (CCIS),
King Saud University ,
Riyadh ,
Kingdom of Saudi Arabia.
Mobile:0507181787
E-mail : [email protected]