How to Cheat at Configuring Open Source Security Tools

Sooner or later you will need to identify all the systems on your network. Despite the most stringent of usage policies, undocumented systems are sometimes added to the network. Sometimes these are test systems that were never decommissioned. At other times you may find rogue systems whose mere presence on the network violates policy. There may be instances where the system is managed by a third party as part of a vendor's service offering. The value of a full network discovery is even more apparent if you are dealing with an environment that you are not familiar with, such as a newly acquired company, or if you are new to your position. If the network has few enough hosts, this task isn't much of a challenge. If the network is large, or spread across multiple locations, and visiting them all isn't feasible, an automated discovery may be much more practical. We will look at some generic discovery/scanning tools, as well as some that are targeted at specific services.
After you have identified all the systems on your network, the next logical step is to determine the security posture of those systems. Several automated security scanning tools are available that can check for a large list of known vulnerabilities and can make this task easier. We will demonstrate the configuration and operation of some automated vulnerability scanners. We will also discuss the Microsoft Baseline Security Analyzer, which simply checks a Microsoft system and reports on any known security...