Wireshark and TShark: Decrypt Sample Capture File (by Joke Snelders)
What the heck is a tool? (by Tony Fortunato)

Secure Your Network with GFI Auditing Tool (by Veronica Henry)

GFI-Logo_175x105 RonnieAuthor Profile - Veronica Henry has extensive IT experience including Networking and Security & Privacy technologies. She is a Linux convert, who has held MCSE, GSEC, and PMP certifications. In her dreams, she is an international best-selling sci-fi and fantasy author, but in the meantime, she now spends her days writing, managing her Websites, and wreaking havoc on her Ubuntu laptop.

GFI Software provides the single best source of Web & Mail Security, Archiving & Fax, Networking & Security and Remote Monitoring & Management solutions software for small to medium sized businesses. With award-winning technology, an aggressive pricing strategy, and a strong focus on the unique requirements of small to medium sized businesses, GFI Software satisfies the needs of SMB organizations on a global scale.

Securing corporate networks is an arduous task. The approach must be multi-layered, including sound security and user policies, an array of tools and techniques, and an audit strategy! Periodic auditing gives you the ability to gauge adherence to corporate policy and can uncover possible breaches and aberrant behavior that indicates a potential breach..

Network auditing addresses three vulnerability areas:

  • Interception - Data transmitted over the networks can be intercepted by a potential attacker.
  • Availability – More than ever, 24x7 network availability is standard. Downtime can have a negative impact on the business.
  • Access/entry point - Networks have many entry points for potential hackers. Data loss, and the introduction of viruses or Trojans (plus Keyloggers) are possible if not properly secured.

Auditors use a variety of techniques: interviews, scans, and network/log analysis, to name a few. Their task is to determine how well security policy has been enforced. Though the intensity of audits vary, it is not uncommon to see vulnerability assessments, operating system and application security testing and reviews of access controls.

Since many threats begin externally, vulnerability assessment tools perform their work, almost like an outside host. The purpose is to scan your network in search of known security issues and to try and exploit them. Assessments are performed on varying schedules: weekly or monthly. The results dictate corrective actions and suggestions.

By contrast, an intrusion detection system monitors a network for malicious activity that has managed to penetrate network defenses. There are both more passive and active forms of these tools. The passive version monitors for suspicious activity and reports, but the more active intrusion prevention systems are designed to take action. They can reconfigure firewall rules, block IP addresses and perform other tasks aimed at thwarting an attack, rather than just reporting the vulnerability.

Other auditing tools include products that help measure adherence to password policies that include things like length and password change rules. And with the proliferation of wireless networks, special care should be given to using tools that help ensure securing wireless data.

As security threats continue to evolve, sound security policies that include an effective audit strategy will help ensure the security of your corporate network. Tools are part of the process, but should not overshadow the importance of interpersonal communications in maintaining a solid security foundation.

One company to consider is GFI Software. It is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. More information about GFI LANguard network security scanner and vulnerability management tool can be found at https://www.gfi.com/lannetscan.