Options

Security Auditing software...

jamesp1983jamesp1983 Member Posts: 2,475 ■■■■□□□□□□
in Off-Topic
I was curious if anyone knows of some software that will collect security information from servers in an OU, like ACLs, group members, etc... I need a tool that can collect information from all the servers and give me information about folder permissions, who's in the admin and remote desktop user group, etc... I have a script that will search through all the servers in an OU and tell me who's in the admin and remote desktop user groups...so that's not as important.
"Check both the destination and return path when a route fails." "Switches create a network. Routers connect networks."
· Share on FacebookShare on Twitter

Comments

  • Options
    darkuserdarkuser Member Posts: 620 ■■■□□□□□□□
    nessus ?
    core impact ?
    depends if you're looking for pentesting
    or auditing ?
    rm -rf /
    · Share on FacebookShare on Twitter
  • Options
    thesemantheseman Member Posts: 230
    For group membership searches I have always used VB scripts.

    For ACL and folder permissions I use Dumpsec/Hyena.

    -Travis
    · Share on FacebookShare on Twitter
  • Options
    snadamsnadam Member Posts: 2,234 ■■■■□□□□□□
    theseman wrote:
    For group membership searches I have always used VB scripts.

    For ACL and folder permissions I use Dumpsec/Hyena.

    -Travis

    I have seen hyena in action, and its pretty darn cool!
    **** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine

    :study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security
    · Share on FacebookShare on Twitter
  • Options
    blargoeblargoe Member Posts: 4,174 ■■■■■■■■■□
    Another vote for Hyena.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
    · Share on FacebookShare on Twitter
  • Options
    JDMurrayJDMurray Admin Posts: 13,036 Admin
    Might as well give Microsoft Baseline Security Analyzer a run too.

    Forum Admin at www.techexams.net
    --
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    · Share on FacebookShare on Twitter
  • Options
    jamesp1983jamesp1983 Member Posts: 2,475 ■■■■□□□□□□
    Well obviously the MBSA has been considered, but its just not comprehensive enough for our needs. I'm trying Hyena now. It looks to be a full featured solution. We are more interested in auditing than penetration.

    Thanks for all of the suggestions guys!!
    "Check both the destination and return path when a route fails." "Switches create a network. Routers connect networks."
    · Share on FacebookShare on Twitter
Sign In or Register to comment.