GFI LANguard

Category:
Vulnerability Scanners
Website: http://www.gfi.com/lannetscan/
Manufacturer: GFI Software Ltd.
Operating System: Windows

Description:
GFI LANguard is one of the leading tools on the market for server security scanning. It scans a machine or range of machines for known vulnerabilities, presents a clean report and offers links to help repair any problems. To fully facilitate security scanning, it allows for user-defined credentials, including NULL sessions, to see what a hacker could learn without having access to the machine. A useful set of tools accompanies the scanner: DNS lookup, traceroute, SNMP audit, SQL audit and a software deployment package. The deployment package can install MS patches or custom software on any machine on which it has the proper privileges.

Strengths:
User-defined credentials and NULL session testing allow for different levels of information based on the group a user belongs to. Able to scan any network class (the target does not have to be on the local network). The software distribution center allows for simple server management.

Weaknesses:
Provides only general information on security holes. For example, "Administrator account without a password" is a common problem, but the report never says which user has the problem.

Target:
Firewalls and Servers

Mitigation/Recommendation:
Keep servers well patched and stealth unused ports.

Price:
Shareware; allows 25 machines to be scanned (expires after 30 days). A license for unlimited computers costs $995.

Penetration (9):
High. One of the main scanners used by hackers.

Simplicity (9):
Easy point-and-click interface.

Damage Potential (1):
Minimal. Data collection only.