In order to maintain your systems secure you need to keep a constant watch at what vulnerabilities have been released and what your machines are running. This is where a scanner comes into the picture. Today I’m taking a look at GFI’s LANguard Network Security Scanner 3.3, a software title already well-known in the security community. Read on to discover what you can expect from it.
The LANguard Network Security Scanner offers several options when it comes to scanning. You can either use a hostname, an IP address, a range of IP addresses or input a txt file with a list of machines. These options clearly make scanning efficient and can automate your work.
You’re bound to be scanning different types of machines so another feature of this tool is the ability to use different scan profiles. You can also save different scan profiles and save results from a scan and compare them with others at a later time. As regards more customization options, this software title gives you the possibility to configure all alerts, ports and operations to make them suite your needs.
You get a direct link to an advisory if a possible problem is detected
LANguard N.S.S. gives you the possibility to perform scheduled scans and have the eventual differences e-mailed to you. This feature is available as a separate tool that can be run in order to configure the scans.
If you’re worried about keeping up-to-date with patches you’ll be happy to know that with the LANguard N.S.S. you can also make your machines safe by applying patches. One of the things the scanner checks for during a job is whether the target machine has been patched and in case it is vulnerable it displays a list of patches that are available for that operating system.
An unpatched Windows XP machine is detected – click for the large version
Once the patches have been discovered you can either update the machines by yourself by following the links to the advisories or you can let the tool update your machine(s) for you. The interface for this task is also very intuitive as you can see below. For all of you that want to see details on which patches are to be applied there’s a list of patches to explore, click here for a screenshot.
Deploy patches fast
A report can be generated from a completed scan and you can set a variety of options when it comes to the look of the report. The program also offers various templates that make generating reports easier depending on what kind of information you want them to display. Security consultants will appreciate the possibility to customize the header and footer to display their information and graphics.
An HTML report – click for the complete screenshot
Let’s say you have a report that contains the results of a scan of 500 Windows machines and you just want to see which ones are missing patch MS 03-023. The easiest way is to use the Report Generator and define what he should search for in your report. You get the results quickly and you can either save this new report or print it out. This gives you the possibility to provide not just standard but customized reports depending on your needs.
There’s also a variety of things you can perform with the LANguard N.S.S. besides scanning and patching machines. You can perform a DNS lookup, traceroute, get whois information, perform a MS SQL server audit, enumerate computers, and more. These tools are very easy to reach as they are placed in the main toolbar and are very handy since you don’t have to use different tools or resort to the command line all the time.
It would be handy to see a separate toolbar that would load independently in the next versions of LANguard N.S.S. so that users can have these simple tools at their disposal without having to open the entire program.
The whois client – click for the complete screenshot
The LANguard N.S.S. also gives its users the possibility to write security checks with a scripting language named LANS. The manual is packed with information so if you want to use LANS you won’t be lost. The only trick here is that GFI doesn’t offer support in the analysis of the scripts created by users. In any case, a welcome feature for advanced users that need total customization.
Scripting in action
If you want to learn how to get the most out of any tool you are bound to do some reading besides experimenting. This is especially the case when you run into something you either can’t achieve or have a problem you don’t know how to solve. The people at GFI did an excellent job in providing a manual that is not only filled with solid information but also very easy to browse. The material in the manual is presented in a straightforward manner and it guides you through all the features of the LANguard N.S.S. I wish more software titles had such good guides.
The handy manual – click for the large version
The variety of features and a simple interface make the LANguard Network Security Scanner a good scanner for any security professionals’ toolbox. I think the possibility to customize almost everything is something that can make you save time so it’s definitely a feature many will appreciate.
Some may think that the interface is not too modern and flashy but I really enjoy it because of both its simplicity and accessibility that make it very easy to use when doing many operations at once, as it often happens during a security testing.