CyberCop Scanner Getting Started Guide

More documents

Recommendations

Info

Preface How to Use the Getting Started Guide This Getting Started Guide is divided into three parts. The parts include the following: • Part I: Getting Started • Part II: Advanced Features • Part III: Appendices The contents of the above-listed parts are described below. Part I: Getting Started Chapter 1, “CyberCop Scanner in Active Security,” describes how CyberCop Scanner works when it is integrated into the Active Security suite of NAI products. CyberCop Scanner can be used as a standalone product. Or, it can be used with other NAI products in the Active Security suite. Chapter 2, “Installing CyberCop Scanner,” includes step-by-step instructions for installing and uninstalling CyberCop Scanner. It also includes instructions for installing the CASL interpreter. Once you complete this chapter, you will be ready to begin the tutorial chapters. Chapter 3, “Getting Started: Performing a Scan,” is the first of several tutorial chapters. Chapter 3 leads you through configuring CyberCop Scanner and performing a scan. Chapter 4, “Working With Scan Results,” explains how scan results are saved. It also teaches you how to view scan results and generate scan reports and network maps using the scan results you obtained in Chapter 3. Chapter 5, “Using Brute Force Password Guessing Functions,” teaches you about the Crack utility and the SMB Grind utility. It includes a discussion of the Crack and SMB Grind utilities and instructions on how to use them. Chapter 6, “Running IDS (Intrusion Detection Software) Tests,” includes an explanation of the IDS testing tool for testing your intrusion detection software as well as a procedure for conducting IDS tests. Chapter 7, “Using CASL Modules to Run Firewall Filter Checks,” includes instructions for running filter checks on firewalls, screening routers, and other gateway machines using module class 12000, a class of modules written in the custom audit scripting language (CASL). Chapter 8, “AutoUpdate: Updating CyberCop Scanner Files,” explains how to download the most current CyberCop Scanner update packs (i.e. compressed files) from NAI’s FTP site to your system. x Preface
Part II: Advanced Features Part II: Advanced Features explains advanced functions of CyberCop Scanner. Preface Chapter 1, “Using NTCASL to Generate Custom Audit Packets” describes the CyberCop Scanner NTCASL user interface that allows you to generate custom packets that use the custom audit scripting language. You can then send your custom packets to a destination host to check for security holes in a network. You construct packets using tools provided in the NTCASL user interface. It is not necessary to know the custom audit scripting language to use the NTCASL user interface. Chapter 2, “The Vulnerability Database Editor,” is a brief introduction to the Vulnerability Database Editor. Part III: Appendices Part III: Appendices includes appendices that describe additional features of CyberCop Scanner. Appendix A, “CASL Reference Guide,” provides a detailed explanation of the custom audit scripting language (CASL) which you can use to write your own scripts using a text editor and run them using the CASL interpreter of CyberCop Scanner. Appendix A includes a description of CASL program structure and syntax, as well as a programming guide. Appendix B, “Scanning: Command Line Options,” contains options for running the scan engine from the command line. NOTE: The CyberCop Scanner Getting Started Guide is provided as a PDF file which you can print. If you are viewing the CyberCop Scanner Getting Started Guide using a PDF viewer, we strongly recommend that you view the file using Adobe Acrobat Reader. You can download a copy of Acrobat Reader from the Adobe Systems Incorporated web site: http://www.adobe.com/prodindex/acrobat/readstep.html. Follow the download instructions, and then click Download to download Adobe Acrobat Reader to your system. CyberCop Scanner Getting Started Guide xi
Page 1 and 2: CyberCop Scanner for Windows NT and
Page 3 and 4: Table of Contents Preface..........
Page 5 and 6: Table of Contents ScanningMultipleH
Page 7 and 8: Table of Contents Chapter 6. Runnin
Page 9 and 10: Table of Contents UnderstandinganEx
Page 11: Preface This preface includes impor
Page 15 and 16: Preface For corporate-licensed cust
Page 17: Part One: Getting Started 1
Page 20 and 21: CyberCop Scanner in Active Security
Page 28 and 29: Installing CyberCop Scanner Install
Page 30 and 31: Installing CyberCop Scanner NOTE: I
Page 32 and 33: Installing CyberCop Scanner Uninsta
Page 34 and 35: Installing CyberCop Scanner 2-8 Cha
Page 36 and 37: Getting Started: Performing a Scan
Page 62 and 63:
Getting Started: Performing a Scan
Page 64 and 65:
Page 66 and 67:
Page 68 and 69:
Page 70 and 71:
Page 72 and 73:
Page 74 and 75:
Page 76 and 77:
Working With Scan Results Saving Sc
Page 78 and 79:
Working With Scan Results 3. Under
Page 80 and 81:
Working With Scan Results Viewing S
Page 82 and 83:
Working With Scan Results Viewing R
Page 84 and 85:
Working With Scan Results Using the
Page 86 and 87:
Working With Scan Results Report by
Page 88 and 89:
Working With Scan Results Querying
Page 90 and 91:
Working With Scan Results Generatin
Page 92 and 93:
Page 94 and 95:
Page 96 and 97:
Working With Scan Results Fields ta
Page 98 and 99:
Working With Scan Results Previewin
Page 100 and 101:
Working With Scan Results NOTE: Whe
Page 102 and 103:
Page 104 and 105:
Working With Scan Results WheretoGo
Page 106 and 107:
Using Brute Force Password Guessing
Page 108 and 109:
Page 110 and 111:
Page 112 and 113:
Page 114 and 115:
Page 116 and 117:
Running IDS (Intrusion Detection So
Page 118 and 119:
Running IDS (Intrusion Detection So
Page 120 and 121:
Using CASL Modules to Run Firewall
Page 122 and 123:
Page 124 and 125:
Page 126 and 127:
Page 128 and 129:
AutoUpdate: Updating CyberCop Scann
Page 130 and 131:
Page 132 and 133:
Page 134 and 135:
Page 136 and 137:
Page 139 and 140:
1Using NTCASL to Generate Custom Au
Page 141 and 142:
Creating an Example Packet Using NT
Page 143 and 144:
Using NTCASL to Generate Custom Aud
Page 145 and 146:
CASL Menus Using NTCASL to Generate
Page 147 and 148:
CASL Toolbar Using NTCASL to Genera
Page 149 and 150:
Using NTCASL to Generate Custom Aud
Page 151 and 152:
2The Vulnerability Database Editor
Page 153 and 154:
About Module Records The Vulnerabil
Page 155 and 156:
The Vulnerability Database Editor L
Page 157 and 158:
The Vulnerability Database Editor M
Page 159 and 160:
The Vulnerability Database Editor E
Page 161 and 162:
Exporting Modules The Vulnerability
Page 163:
Part Three: Appendices 1
Page 166 and 167:
A Guide to CASL (Custom Audit Scrip
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Page 174 and 175:
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
Page 184 and 185:
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192 and 193:
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Scanning: Command Line Options The
Page 200 and 201:
Scanning: Command Line Options B-4
Page 202 and 203:
Glossary Internet Internet Service
Page 204:
Glossary subnet addressing TELNET t
show all

CyberCop Scanner Getting Started Guide

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?