GFI Network Security and PCI Compliance Power Tools
By Brien Posey
About this ebook
In this book Brien Posey has pinpointed the most important concepts with examples and screenshots so that systems administrators and security engineers can understand how to get the GFI security tools working quickly and effectively. His straightforward, no nonsense writing style is devoid of difficult to understand technical jargon. His descriptive examples explain how GFI's security tools enhance the security controls that are already built into your server's operating system.
* Secure Your Network: Master the various components that make up the management console and prepare to use it for most tasks.
* Analyze Scan Results: View detected vulnerabilities, save and print results, query open ports, and filter your results.
* Install and Use the ReportPack: Learn how to build custom reports and schedule reports. See how filters allow you to control the information that is processed when a report is run.
* Perform a Hardware Inventory and Compile a Software Inventory: Use GFI to do your inventories and perform audits. See how to blacklist and whitelist applications to make your reports more meaningful.
* Manage Patches Effectively: See how to deploy a specific patch, perform a scan comparison, uninstall a patch, and deploy custom software.
* Use GFI EndPointSecurity to Lock Down Hardware: Be prepared for users trying to install unauthorized software, copy sensitive data onto removable media, or perform other actions to try to circumvent your network's security.
* Create Protection Policies: Control the level of device access allowed on a system and create separate protection policies: one for servers, one for workstations, and one for laptops. Learn how to deploy agents.
* Regulate Specific Devices: Master some of the advanced features of GFI: locking device categories, blacklisting and whitelisting devices, and using file type restrictions.
* Monitor Device Usage: Keep tabs on your network by setting logging options, setting alerting options, and generating end point security reports.
- Use GFI EndPointSecurity to Lock Down Hardware
- Create Protection Policies to Control the Level of Device Access
- Master Advanced Features of GFI: Locking Device Categories, Blacklisting and Whitelisting Devices, Using File Type Restrictions and More
Brien Posey
Brien Posey is a freelance technical writer who has received Microsoft's MVP award four times. Over the last 12 years, Brien has published over 4,000 articles and whitepapers, and has written or contributed to over 30 books. In addition to his technical writing, Brien is the cofounder of Relevant Technologies and also serves the IT community through his own Web site. Prior to becoming a freelance author, Brien served as CIO for a nationwide chain of hospitals and healthcare facilities and as a network administrator for the Department of Defense at Fort Knox. He has also worked as a network administrator for some of the nation's largest insurance companies.
Brief Table of Contents
Copyright
Technical Editor
Foreword
Acknowledgements
Chapter 1. Installing GFI LANguard Network Security Scanner
Chapter 2. An Introduction to the GFI LANguard Network Security Scanner Management Console
Chapter 3. Performing a Security Scan
Chapter 4. Analyzing the Scan Results
Chapter 5. Using the ReportPack
Chapter 6. Inventories and Auditing
Chapter 7. Patch Management
Chapter 8. Installing GFI EndPointSecurity
Chapter 9. Defining Protection Policies
Chapter 10. Advanced Security Configurations
Chapter 11. End Point Management
Chapter 12. Monitoring Device Usage
Chapter 13. Installing GFI EventsManager
Chapter 14. Browsing the Event Logs
Chapter 15. Event Processing Rules
Chapter 16. Getting the Big Picture
Chapter 17. Installing and Configuring GFI Network Server Monitor
Chapter 18. Working with GFI Network Server Monitor's Configuration Console
Chapter 19. GFI Network Monitor's Additional Components
Table of Contents
Copyright
Technical Editor
Foreword
Acknowledgements
Chapter 1. Installing GFI LANguard Network Security Scanner
Introduction
Installing GFI LANguard Network Security Scanner
Installing SQL Server
Continuing the GFI LANguard Network Security Scanner Setup Process
Configuring E-mail Notifications
Continuing the Server Configuration Process
Summary
Solutions Fast Track
Installing GFI LANguard Network Security Scanner
Frequently Asked Questions
Chapter 2. An Introduction to the GFI LANguard Network Security Scanner Management Console
Introduction
The Main Console Screen
The Configuration Screen
Scanning Profiles
The Settings Section
The General Section
The Tools Screen
Summary
Solutions Fast Track
The Main Console Screen
The Configuration Screen
The Tools Screen
Frequently Asked Questions
Chapter 3. Performing a Security Scan
Introduction
Performing Your First Security Scan
A Shortcut to Scanning
Performing a Full Network Security Scan
Aborting a Scan
Summary
Solutions Fast Track
Performing Your First Security Scan
A Shortcut to Scanning
Performing a Full Network Security Scan
Frequently Asked Questions
Chapter 4. Analyzing the Scan Results
Introduction
Viewing the Scan Results
Viewing the Vulnerabilities that Were Detected
Potential Vulnerabilities
Saving the Scan Results
Printing the Scan Results
Getting More Information
Querying Open Ports
Filtering the Scan Results
Summary
Solutions Fast Track
Viewing the Scan Results
Viewing the Vulnerabilities that were Detected
Saving the Scan Results
Printing the Scan Results
Getting More Information
Querying Open Ports
Filtering the Scan Results
Frequently Asked Questions
Chapter 5. Using the ReportPack
Introduction
Installing the ReportPack
Creating a Report
Favorite Reports
Custom Reports
Scheduled Reports
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 6. Inventories and Auditing
Introduction
Performing a Hardware Inventory
Dealing With Information Overload
Compiling a Software Inventory
Analyzing the Results
Blacklisting and Whitelisting Applications
Network Documentation
Network Diagrams
Summary
Solutions Fast Track
Performing a Hardware Inventory
Compiling a Software Inventory
Analyzing the Results
Blacklisting and Whitelisting Applications
Network Documentation
Frequently Asked Questions
Chapter 7. Patch Management
Introduction
Downloading Microsoft Patches
Scanning for Missing Updates
Viewing the Report
Viewing Missing Patch Information Through the Management Console
Applying Microsoft Service Packs
Deploying Microsoft Patches
Double Check the Patch Management Status
Deploying a Specific Patch
Performing a Scan Comparison
Uninstalling a Patch
Deploying Custom Software
Summary
Solutions Fast Track
Applying Microsoft Service Packs
Deploying Microsoft Patches
Double Check the Patch Management Status
Deploying a Specific Patch
Performing a Scan Comparison
Uninstalling a Patch
Deploying Custom Software
Frequently Asked Questions
Chapter 8. Installing GFI EndPointSecurity
Introduction
Hardware and Software Requirements
Requirements for the GFI EndPointSecurity Server
The GFI EndPointSecurityAgent's Requirements
Installing GFI EndPointSecurity
Performing the Initial Configuration
Configure User Groups
Configure the Backend Database
Configure Alerting Options
Formatting Your E-Mail Message
Network Alerts
SMS Alerts
Who Gets Alerted?
Installing the ReportPack
Summary
Solutions Fast Track
Hardware and Software Requirements
Installing GFI EndPointSecurity
Performing the Initial Configuration
Installing the ReportPack
Frequently Asked Questions
Chapter 9. Defining Protection Policies
Introduction
Creating Protection Policies
Creating a Workstation Protection Policy
Deploying Agents
Active Directory Based Deployment
Setting Device Permissions
Adding Permissions
Modifying Protection Policy Membership
Summary
Solutions Fast Track
Creating Protection Policies
Deploying Agents
Setting Device Permissions
Frequently Asked Questions
Chapter 10. Advanced Security Configurations
Introduction
Regulating Specific Devices
Locating a Device's Hardware ID
Making GFI EndPointSecurity Aware of a Device
Setting Permissions for a Specific Device
Blacklisting and Whitelisting Devices
Blacklisting a Specific Device
Whitelisting Devices
Making Exceptions for Power Users
Clearing Existing Permissions
File Type Restrictions
Summary
Solutions Fast Track
Regulating Specific Devices
Blacklisting and Whitelisting
File Type Restrictions
Frequently Asked Questions
Chapter 11. End Point Management
Introduction
The End User Experience
Removing the Agent Component
Making Temporary Exceptions
Summary
Solutions Fast Track
The End User Experience
Removing the Agent Component
Making Temporary Exceptions
Frequently Asked Questions
Chapter 12. Monitoring Device Usage
Introduction
Setting Logging Options
Setting Alerting Options
Configuring Alert Recipients
Generating End Point Security Reports
Creating a Report
Keeping Tabs on Your Network
Updating Agents
Device Statistics
Summary
Solutions Fast Track
Setting Logging Options
Setting Alerting Options
Generating End Point Security Reports
Keeping Tabs on Your Network
Frequently Asked Questions
Chapter 13. Installing GFI EventsManager
Introduction
Hardware and Software Requirements
Installing GFI EventsManager
Performing the Initial Configuration
Configuring the Backend Database
Configuring an Administrative Account
Configuring Alerting Options
Formatting Your E-Mail Message
Network Alerts
SMS Alerts
Configuring Events Sources
Installing the ReportPack
Summary
Solutions Fast Track
Installing GFI EventsManager
Performing the Initial Configuration
Installing the ReportPack
Frequently Asked Questions
Chapter 14. Browsing the Event Logs
Introduction
Browsing the Logs
Other Types of Events
Customizing the Events Browser View
Creating Custom Queries
Exporting Events
Summary
Solutions Fast Track
Browsing the Logs
Customizing the Events Browser View
Creating Custom Queries
Exporting Events
Frequently Asked Questions
Chapter 15. Event Processing Rules
Introduction
Default Classification Actions
Event Processing Rules
The Anatomy of a Rule
The General Tab
The Event Logs Tab
The Conditions Tab
The Actions Tab
The Threshold Tab
Making Your Own Rules
Summary
Solutions Fast Track
Default Classification Actions
Event Processing Rules
The Anatomy of a Rule
Making Your Own Rules
Frequently Asked Questions
Chapter 16. Getting the Big Picture
Introduction
Status Reports
Job Activity
Statistics
Reporting
Accessing the ReportCenter
Summary
Solutions Fast Track
Status Reports
Reporting
Frequently Asked Questions
Chapter 17. Installing and Configuring GFI Network Server Monitor
Introduction
Hardware and Software Requirements
Software Requirements for the GFI Network Monitor Server
Installing GFI Network Server Monitor
Performing the Initial Configuration
Creating Separate Folders
The General Tab
The Logon Credentials Tab
The Actions Tab
The Dependencies Tab
The Maintenance Tab
Placing Computers into Folders
Folder Behavior
Summary
Solutions Fast Track
Hardware and Software Requirements
Installing GFI Network Server Monitor
Performing the Initial Configuration
Creating Separate Folders
Frequently Asked Questions
Chapter 18. Working with GFI Network Server Monitor's Configuration Console
Introduction
Customizing Monitoring Checks
Adding a Monitoring Check
Modifying a Monitoring Check
Deleting a Monitoring Check
Moving Servers and Monitoring Checks
Monitoring Checks Status
Remote Monitoring
Built-in Tools
Enumerate Computers
Enumerate Processes
DNS Lookup
Who Is
Trace Route
SNMP Tools
Summary
Solutions Fast Track
Customizing Monitoring Checks
Monitoring Checks Status
Built-in Tools
Frequently Asked Questions
Chapter 19. GFI Network Monitor's Additional Components
Introduction
The Activity Monitor
Viewing Monitoring Check Status Remotely
The Reporter
The Troubleshooter
Summary
Solutions Fast Track
The Activity Monitor
The Reporter
The Troubleshooter
Frequently Asked Questions
Copyright
Elsevier, Inc., the author(s), and any person or firm involved in the writing, editing, or production (collectively "Makers") of this book ("the Work") do not guarantee or warrant the results to be obtained from the Work.
There is no guarantee of any kind, expressed or implied, regarding the Work or its contents. The Work is sold AS IS and WITHOUT WARRANTY. You may have other legal rights, which vary from state to state.
In no event will Makers be liable to you for damages, including any loss of profits, lost savings, or other incidental or consequential damages arising out from the Work or its contents. Because some states do not allow the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you.
You should always use reasonable care, including backup and other appropriate precautions, when working with computers, networks, data, and files.
Syngress Media®, Syngress®, "Career Advancement Through Skill Enhancement®," "Ask the Author UPDATE®," and "Hack Proofing®," are registered trademarks of Elsevier, Inc. "Syngress: The Definition of a Serious Security Library"™, "Mission Critical™," and "The Only Way to Stop a Hacker is to Think Like One™" are trademarks of Elsevier, Inc. Brands and product names mentioned in this book are trademarks or service marks of their respective companies.
PUBLISHED BY Syngress Publishing, Inc. Elsevier, Inc.
30 Corporate Drive
Burlington, MA 01803
GFI Network Security and PCI Compliance Power Tools
Copyright © 2009 by Elsevier, Inc. All rights reserved. Printed in the United States of America. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication.
Printed in the United States of America
ISBN 13: 978-1-59749-285-0
Publisher: Laura Colantoni
Acquisitions Editor: Andrew Williams
Developmental Editor: Matthew Cater
Technical Editor: Troy Thompson
Project Manager: Andre Cuello
Page Layout and Art: SPI
Copy Editor: Judith H. Eby, Michael McGee
Indexer: SPI
Cover Designer: Michael Kavish
For information on rights, translations, and bulk sales, contact Matt Pedersen, Senior Sales Manager, Corporate Sales, at Syngress Publishing; email m.pedersen@elsevier.com.
Technical Editor
Troy Thompson has worked in network administration for over 20 years, performing network monitoring and backup, Microsoft Exchange administration and training. Troy has written many technology articles, tutorials, and white papers, which have been published by leading technology publications and businesses including CNET, Microsoft, TechRepublic, and the Security Evaluation Center. Troy is a Cisco Certified Academy Instructor (CCAI), and has numerous other certifications including CCNA, MCSE+I, CCAI, Network+, Security+ and A+. Troy has also traveled the world playing music as the guitarist for Bride. Check out www.bridepub.com or view some videos on YouTube.
Lead Author
Brien Posey is a freelance technical writer who has received Microsoft's MVP award five times for his work with Windows Server, IIS, Exchange Server, and file system storage. Over the last thirteen years, Brien has published over 4,000 articles and whitepapers for a variety of technical publications and Websites including TechTarget, CNET, Windows IT Professional, ZDNET, Windows Networking, and many others. He has also written or contributed content to over 30 books.
In addition to his technical writing, Brien is the co-founder of Relevant Technologies (www.relevanttechnologies.com) and also serves the IT community through his own Web site at www.brienposey.com.
Prior to becoming a freelance author, Brien served as CIO for a nationwide chain of hospitals and healthcare facilities, and as a network administrator for the Department of Defense at Fort Knox. He has also worked as a network administrator for some of the nation's largest insurance companies.
When Brien isn't busy writing he enjoys exotic travel, racing speed boats, scuba diving, and pretty much anything else that's good for an adrenaline rush.
Foreword Contributor
Laura Taylor is Relevant Technologies' President and CEO. Her research has been used by the FDIC, the FBI, the IRS, various U.S. Federal Reserve Banks, U.S. Customs, the U.S. Treasury, the White House, and many publicly held Fortune 500 companies. Ms. Taylor specializes in security Certification and Accreditation (C&A) consulting and training, as well as audits of financial institutions. She has provided information security consulting services to some of the largest financial institutions in the world, including the U.S. Internal Revenue Service, the U.S. Treasury, the U.S. Governmentwide Accounting System, and National Westminster Bank—a division of the Royal Bank of Scotland. Ms. Taylor is the author of the bestselling FISMA Certification and Accreditation Handbook. In assisting her customers, Ms. Taylor has a 100-percent accreditation rate for FISMA compliance. Ms. Taylor has taught her FISMA 101 class for both SANS and for Yale University.
Before founding Relevant Technologies, Ms. Taylor was Director of Security Research at TEC. Ms. Taylor has also served as CIO of Schafer Corporation, Director of Information Security at Navisite, and Director of Certification and Accreditation for COACT. Earlier in her career, Ms. Taylor held various positions at Sun Microsystems where she was awarded several "Outstanding Performance" awards, and a CIS Security Award. Most recently, Ms. Taylor received an award from a division of the U.S. Financial Management Services Commissioner for her assistance with FISMA-compliant Security Certification & Accreditation of highly sensitive systems. Ms. Taylor is a Certified Information Security Manager (CISM).
Ms. Taylor has been featured in many media forums, including ABC-TV Business Now, CNET Radio, Boston Business Journal, Computer World, and The Montreal Gazette. Her research has been published on numerous Web portals and magazines, including Business Security Advisor, Forbes, SecurityWatch, eSecurityOnline, SecurityFocus, NetworkStorageForum, ZDNet, Datamation, MidRangeComputing, and Securify. Ms. Taylor has authored over 500 research articles and papers on information security topics and has contributed to multiple books. A graduate of Skidmore College, Ms. Taylor is a member of the Society of Professional Journalists, the IEEE Standards Association, the National Security Agency's IATFF Forum, and is the Chair of the FISMA Center's CCAP Exam Advisory Board.
Foreword
Today, all companies, U.S. federal agencies, and nonprofit organizations have valuable data on their servers that must be secured. One of the challenges for information technology (IT) experts is learning how to use new products in a time-efficient manner so new implementations can go quickly and smoothly. Learning how to set up sophisticated products is time-consuming and can be confusing. GFI's LANguard Network Security Scanner can report vulnerabilities so they can be mitigated before unauthorized intruders wreak havoc on your network. To take advantage of the best things LANguard Network Security Scanner has to offer, you'll want to configure it on your network so it captures key events and alerts you to potential vulnerabilities before they are exploited.
In understanding how to use this product most effectively, Brien Posey has pinpointed the most important concepts with examples and screenshots so systems administrators and security engineers can understand how to get the GFI security tools working quickly and effectively. Brien's straightforward no-nonsense writing style is devoid of difficult-to-understand technical jargon. His descriptive examples explain how GFI's security tools enhance the security controls already built into your server's operating system. Brien's ability to explain technology so just about anyone can understand it is what has made him today's most popular information technology author.
I have had the pleasure of working with Brien over the years, and his understanding of technology and his ability to explain it so that I can understand it, has made him my #1 go-to person when I need to know how something works. With GFI Network Security and PCI Compliance Power Tools now available for all, all IT professionals who want to take advantage of cutting-edge security tools can learn how to strengthen their security controls, and put in place best practice security management processes. Brien's skill at sharing his technical knowledge in a way that anyone can understand is a breath of fresh air in the world of pedantic, overly technical white papers that seem to purposely use pretentious language and knotty examples for a select exclusive audience. With this very cool product, it's nice to have a practical guidebook to help you make the most of it.
Acknowledgements
First and foremost, I want to thank my wife Taz for her patience and understanding while I was working on this book. Taz has constantly supported me in every way imaginable throughout my career. I only wish that words could truly express the love and gratitude that I have for her.
I would also like to thank Troy Thompson and Laura Taylor of Relevant Technologies (http://www.relevanttechnologies.com). Both Troy and Laura have put a lot of work into this book. More importantly, I have learned a lot from working with Laura and Troy on various IT projects over the years. They are both extremely talented individuals, and I attribute a high degree of my overall success to the experience that I have gained while working with them.
I also wish to express my gratitude to:
Andrew Williams, Matthew Cater, David George, and the rest of the staff at Syngress.
David Kelleher, Angelica Micallef Trigona, and Stephen Chetcuti Bonavita at GFI.
Seth Oxhandler at Coolcat Inc. (http://coolcatinc.com)
The staff at BigSecurityStore.com
Shamir Dasgupta, Jeremy Broyles, and Billy Brown at Xpressions Interactive (www.xpressions.com)
Chapter 1. Installing GFI LANguard Network Security Scanner
Solutions in this chapter:
Installing GFI LANguard Network Security Scanner
Summary
Solutions Fast Track
Frequently Asked Questions
Introduction
When Syngress asked me to write a book on the various GFI security products, I wasn't quite sure what I was going to write. Most of the GFI products are fairly intuitive, and GFI always seems to do a good job on the instruction manuals for their products, all of which can be downloaded from the GFI Web site.
When I stopped and thought about it, I began to realize that although the various GFI instruction manuals are both comprehensive and well written, they tend to be a little bit bloated because they cover every feature that the various products have to offer. That's not necessarily a bad thing (especially for an instruction manual), but instruction manuals rarely reflect how people use the products in the real world.
Since GFI already offers such thorough instruction manuals, I decided to write this book as a guide to using the various products in a real-world environment. What that means is that I'm not going to waste your time by talking about the more obscure product features, or by showing you convoluted techniques that you would never use in practice. I'm also going to try to avoid using a lot of technical jargon. My goal is to write a book that's easy to read and that teaches you what you need to know, but without wasting your time in the process.
For each of the products that this book covers, I will walk you through the installation process, and then walk you through the most useful administrative tasks in a step-by-step manner. As I do, I will also share with you any hints or tricks that I have found for getting better results or for accomplishing your goals more quickly. I sincerely hope that you will find this book to be a useful reference.
Installing GFI LANguard Network Security Scanner
Installing GFI LANguard Network Security Scanner is pretty simple and straightforward, but I wanted to go ahead and walk you through the process just so there aren't any surprises later on.
GFI LANguard Network Security Scanner can be installed on any of the following operating systems:
* Windows 2000 (with SP4 or higher)
* Windows XP (with SP2 or higher)
* Windows Server 2003
* Windows Vista (with SP1 or higher)
* Windows Server 2008
Windows Vista and Windows Server 2008 can be running either the X86 version or the X64 version of Windows.
Are You Owned?
Checking for Infections
The whole point of installing GFI Network Security Scanner is to help you to secure your network. Using a security product like this one does you absolutely no good though, if the server that will be running it has already been compromised. I recommend scanning the server that you will be installing the product onto for malware prior to performing the installation.
GFI LANguard Network Security Scanner also requires you to be running Internet Explorer 5.1 or higher, and the Client for Microsoft Networks component, which is installed by default in every version of Windows since Windows 95. To install GFI LANguard Network Security Scanner, perform the following steps:
1. Download the languardnss8.exe file from the GFI Web site (www.gfi.com/downloads/downloads.aspx?pid=lanss&lid=EN), place the file into a temporary directory, and then double click on it.
2. Depending on the version of Windows that you are using, you may see a security warning that asks you if you want to run this file, as shown in Figure 1.1. If you receive such a warning, click the Run button.
3. Windows will now launch the InstallShield Wizard, which will extract the various files used by the Setup process.
4. When the process completes, Windows will launch the Setup wizard, which will initially display a welcome screen. Click Next to bypass the welcome screen, and you will see a screen prompting you to accept the end user license agreement.
5. Choose the option to accept the license agreement, and click Next.
6. At this point, the Setup wizard will display the Customer Information screen that's shown in Figure 1.2. As you can see in the figure, you are prompted to enter a user name, a company name, and a license key. GFI LANguard Network Security Scanner allows you to enter the word EVALUATION (all caps) in place of a license key. If you choose to do so, you will be able to use all of the product's features for the next ten days. GFI offers this evaluation feature as a way of allowing you to test drive their products. If you have purchased a license for GFI LANguard Network Security Scanner, then the license key should be listed in the e-mail message that you receive from GFI.
7. Click Next, and Setup will prompt you to choose an account to use for the Attendant Service to run under. Unlike many other services, the Attendant Service cannot run using the Local System account. You can specify any account that you want, but the account needs to be a domain member, and it must have administrative privileges for the domain.
8. When you finish entering the service account credentials, click Next, and you will see a screen asking you if you want GFI LANguard Network Security Scanner to use a Microsoft Access Database, or a SQL Server database.
Figure 1.1. If You Receive This Security Warning, Click the Run Button
Figure 1.2. You Have the Option of Entering the Word EVALUATION in Lieu of a License Key
If you want to take the easy way out, go with the Microsoft Access database option. If you choose this option, you don't even have to install Microsoft Access.
The down side to using a Microsoft Access database is that it does not offer the performance or scalability of a Structured Query Language (SQL) Server database. Using a Microsoft Access database will work fine if you have a small- to medium-sized network, or if you are just installing GFI LANguard Network Security Scanner for evaluation purposes. If you have a larger network, then performance is typically going to suffer if you try using a Microsoft Access Database.
If you choose the SQL Server option, then you have the option of using SQL Server 2000 or higher, or of using Microsoft Database Engine (MSDE). In case you are not familiar with MSDE, it is Microsoft's free version of SQL Server.
So why would Microsoft offer SQL Server for free? Well, from what I have heard, they did it because so many of their products (and so many third-party products) require a backend database, and in a lot of cases a full blown SQL Server would be overkill. MSDE provides you with a way of using products that require a SQL Server database, but without having to spend good money on SQL Server licenses or on the supporting hardware.
As great as MSDE sounds, you've got to remember that nobody in their right mind would buy SQL Server if MSDE was truly as good as SQL Server. Earlier I mentioned that MSDE stood for Microsoft Database Engine. MSDE is just that; a database engine. MSDE can host SQL databases, but it doesn't perform quite as well as a full blown SQL Server installation. It is also missing a lot of the management tools, and doesn't offer clustering or a lot of the other more advanced SQL Server capabilities. On the upside though, it is free!
So right about now, you might be wondering where you can get your hands on a copy of MSDE. Microsoft allows you to download it from their Web site for free. You can get the original version of MSDE, which is really a SQL 2000 database engine at: www.microsoft.com/downloads/details.aspx?familyid=413744D1-A0BC-479F-BAFA-E4B278EB9147&displaylang=en
There is also a SQL 2005 version of MSDE available at: www.microsoft.com/sql/editions/express/default.mspx. Although this is technically the next version of MSDE, Microsoft has changed its name to Microsoft SQL Server Express Edition. The most important thing that you