CyberCop Scanner Getting Started Guide

More documents

Recommendations

Info

Getting Started: Performing a Scan Setting Up a New Configuration File This section gives step-by-step instructions for creating a new scan configuration file. You will learn how to select and deselect modules and module classes for a scan. You will also learn how to create a scan settings template and a module configuration template. Creating a New Configuration File If you do not want to use the default configuration file, you can create a new configuration file. You can do this in two ways: • by selecting the File>New Config File... menu item. This option opens the Setup Walkthrough program, allowing you to select and/or edit a scan settings template and a module configuration template. Alternatively, click the New toolbar icon. • byusingtheConfigure menu to select the desired scan settings, module settings, and application settings. Then you can save these settings as a new configuration file by selecting the File>Save Config As... menu item. To create a new configuration file using the Setup Walkthrough program, follow these steps: 1. Select the File>New Config File... menu item. The Setup Walkthrough program will open. Alternatively, click the New toolbar icon. 2. In the Scan Configuration File Name textbox, enter a name for the new configuration file. You do not need to add the file extension .ini. It will be added automatically. By default, the file will be stored in c:\Program Files\Network Associates\SMI Products\CyberCop Scanner. To save the file in another location, click the Save As button to browse for a different directory or drive. Then click Next. 3. Next you will be prompted to enter the following information: • the DNS domain name of the target network • the NIS domain name of the target network • the fake DNS server name • the IP range to scan Enter this information in the textboxes provided. You should not leave these textboxes blank, otherwise certain modules which depend on this information will not work properly. 3-14 Chapter 3
Getting Started: Performing a Scan NOTE: For an explanation of the above information, see the section, “About the Setup Walkthrough Program,” earlier in this chapter. You can also view instructions for entering this information by placing the cursor in one of the textboxes. An explanation will be displayed in the NOTES section of the Setup Walkthrough dialog box Click Next to continue. 4. Next you must select a module configuration template. CyberCop Scanner includes several predefined module configuration templates which you can use to perform various types of scans. You have three options: select an existing template, edit an existing template, or create a new template. To learn more about selecting a module configuration template, see the section, “Creating and Editing Module Configuration Templates,” later in this chapter. NOTE: Important! The module class named Denial of Service Attacks is disabled in the Default template. We recommend that you do not perform Denial of Service checks on your network for this tutorial. In order to check for these vulnerabilities, an actual hostile attack must be performed against a computer. Denial of Service Attacks can have undesirable effects, including network congestion, computer instability, crashes, and reboots. Click Next to continue. 5. Next you must select a scan settings template. You have three options: select an existing template, edit an existing template, or create a new template. To learn more about selecting a scan settings template, see the section, “Creating and Editing Scan Settings Templates,” later in this chapter. Then click Next. 6. Click Finish to exit the Setup Walkthrough program. The new scan configuration file will be saved and loaded, ready to be used for the next scan. The Setup Walkthrough program will then close. The name of the new scan configuration file will be displayed in the CyberCop Scanner title bar. You can view your selected scan settings using the Configure>Scan Settings... menu item. You can view the selected modules using the Configure>Module Settings... menu item. You can also view selected scan settings and module settings by switching to the Current Configuration tab of CyberCop Scanner. The Current Configuration tab also lists the current settings of variables associated with modules in the Vulnerability Database. CyberCop Scanner Getting Started Guide 3-15
Page 1 and 2: CyberCop Scanner for Windows NT and
Page 3 and 4: Table of Contents Preface..........
Page 5 and 6: Table of Contents ScanningMultipleH
Page 7 and 8: Table of Contents Chapter 6. Runnin
Page 9 and 10: Table of Contents UnderstandinganEx
Page 11 and 12: Preface This preface includes impor
Page 13 and 14: Part II: Advanced Features Part II:
Page 15 and 16: Preface For corporate-licensed cust
Page 17: Part One: Getting Started 1
Page 20 and 21: CyberCop Scanner in Active Security
Page 28 and 29: Installing CyberCop Scanner Install
Page 30 and 31: Installing CyberCop Scanner NOTE: I
Page 32 and 33: Installing CyberCop Scanner Uninsta
Page 34 and 35: Installing CyberCop Scanner 2-8 Cha
Page 36 and 37: Getting Started: Performing a Scan
Page 76 and 77: Working With Scan Results Saving Sc
Page 78 and 79: Working With Scan Results 3. Under
Page 80 and 81: Working With Scan Results Viewing S
Page 82 and 83: Working With Scan Results Viewing R
Page 84 and 85: Working With Scan Results Using the
Page 86 and 87: Working With Scan Results Report by
Page 88 and 89: Working With Scan Results Querying
Page 90 and 91: Working With Scan Results Generatin
Page 96 and 97: Working With Scan Results Fields ta
Page 98 and 99:
Working With Scan Results Previewin
Page 100 and 101:
Working With Scan Results NOTE: Whe
Page 102 and 103:
Working With Scan Results Generatin
Page 104 and 105:
Working With Scan Results WheretoGo
Page 106 and 107:
Using Brute Force Password Guessing
Page 108 and 109:
Page 110 and 111:
Page 112 and 113:
Page 114 and 115:
Page 116 and 117:
Running IDS (Intrusion Detection So
Page 118 and 119:
Running IDS (Intrusion Detection So
Page 120 and 121:
Using CASL Modules to Run Firewall
Page 122 and 123:
Page 124 and 125:
Page 126 and 127:
Page 128 and 129:
AutoUpdate: Updating CyberCop Scann
Page 130 and 131:
Page 132 and 133:
Page 134 and 135:
Page 136 and 137:
Page 139 and 140:
1Using NTCASL to Generate Custom Au
Page 141 and 142:
Creating an Example Packet Using NT
Page 143 and 144:
Using NTCASL to Generate Custom Aud
Page 145 and 146:
CASL Menus Using NTCASL to Generate
Page 147 and 148:
CASL Toolbar Using NTCASL to Genera
Page 149 and 150:
Using NTCASL to Generate Custom Aud
Page 151 and 152:
2The Vulnerability Database Editor
Page 153 and 154:
About Module Records The Vulnerabil
Page 155 and 156:
The Vulnerability Database Editor L
Page 157 and 158:
The Vulnerability Database Editor M
Page 159 and 160:
The Vulnerability Database Editor E
Page 161 and 162:
Exporting Modules The Vulnerability
Page 163:
Part Three: Appendices 1
Page 166 and 167:
A Guide to CASL (Custom Audit Scrip
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Page 174 and 175:
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
Page 184 and 185:
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192 and 193:
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Scanning: Command Line Options The
Page 200 and 201:
Scanning: Command Line Options B-4
Page 202 and 203:
Glossary Internet Internet Service
Page 204:
Glossary subnet addressing TELNET t
show all

CyberCop Scanner Getting Started Guide

Create successful ePaper yourself

Delete template?

Save as template?