3/11/2010 1:23:58 AM


Overview and Background
Trojan horses, hacker tools, DDoS (Distributed Denial-of-Service) agents, and spyware - collectively known as malicious software - can create backdoors into individual PCs or corporate servers and bypass established security measures. None are routinely detected by anti-virus software and, since pests do their damage from inside the organization, firewalls don't notice them. Some of the better IDS systems may indicate some suspicious traffic, but then it is left to the network manager to investigate and then take action.

Malicious software allows unauthorized users to breach firewalls and access sensitive data by assuming the identity of authorized users. Once this has been accomplished, unauthorized third parties and disgruntled insiders are able to:
  • Access electronic assets (customer database, financial records, intellectual property, trade secrets)
  • Compromise existing security
  • Destroy customer confidence
  • Expose the organization to litigation. Malicious software has the potential to create even greater damage than viruses - including significant loss of business, legal liability, and public relations nightmares.


Scans are particularly important if any of the following is true: 1) you have never performed a detailed vulnerability scan of workstations and servers; 2) you expect that any of your systems have been compromised; 3) you have operated at any time in the past with weak or deficient security defenses in place; 4) data from security devices such as firewalls indicate an unusually high level of activity; 5) IDS systems generate alerts on outbound traffic. The ISVA operates seamlessly alongside anti-virus and other security software.

Purpose
The purpose of an Internal Network Vulnerability Assessment is to perform an audit of network resources to identify possible security risks within the perimeter of your network.

How it is done
CompuNet's Internal Security Vulnerability Assessment (ISVA) is a comprehensive analysis of all of the workstations and servers on your network. The ISVA detects and identifies trojan horses, hacker tools, DDoS (Distributed Denial-of-Service) agents, and spyware through code analysis and signature matching, in much the same way as anti-virus. The software will detect and specifically identify over 61,000 malicious software applets.

Using intelligent scanning, CompuNet's automated network scanner minimizes the time it takes to gather information on machines within the network perimeter. It also identifies specific vulnerabilities such as configuration problems in FTP servers, exploits in Microsoft IIS or problems in NT security policy configuration.

The following specific issues are addressed:
  • Service pack level
  • Open shares
  • General information
  • Hot fixes
  • SNMP
  • Netbios names
  • Users & groups
  • Password policy
  • Open ports
  • Crack password (win 95/98/ME)
  • Trusted domains
  • Services
  • Registry
  • Alerts
At the conclusion of the scan, CompuNet will provide the customer with a comprehensive report detailing the results of the test, including what was found, where it was found, immediate action indicated, and long term remedies for prevention of future security breaches.

Frequency
Network environments are dynamic and change creates an opportunity for intrusion and compromise to go undetected. Internal Security Vulnerability scans should part of your ongoing security program and be performed on a regular basis to maintain the highest level of security.

» Call today for more details: 478-738-9849 or Toll Free 1-800-872-5203 «
Microsoft Gold Certified Partner
CompuNet, Inc.
Corporate Headquarters
337 Third Street  
Macon, GA 31201
478-738-9849  
1-800-872-5203
Fax: 478-738-9068

 CompuNet, Inc.
Atlanta Office
4485 Lawrenceville Hwy
Suite 203 
Lilburn, GA 30048
678-533-0220  ·  
Fax: 678-533-0202