I am a newly appointed administrator for a large company. I have been tasked to check if our network has any weak
links internally for attacks. I have witnessed a colleague try and intercept data from workstations to the server and try to hack our network routers and switches.
Would you be able to point me in a direction where I can monitor activity like this? What's more, some of the tools used by this colleague are freely available off of the Internet. Would you know of any sites that I can investigate to put a secure network in place?
Run a tool such as LanGuard to do what is called a vulnerability assesment. LanGuard will provide a free 30-day license, which will allow you to scan your network for weaknesses. In the past it was okay to have secuirty threats inside the network, but not anymore. Your internal systems should be as secure as any Internet device. The LanGuard tool will provide easy to read reports, plus do a whole bunch of things that you are usally changed $10,000 plus by security consutlants.
Also, your colleague is playing with fire and can be terminated if caught.
As for monitoring you can install a simple IDS system such as SNORT (which is free, but sometimes cumbersome to setup) or invest in any of the IDS technologies. (Here are some IDS vendors: Symantec, Entersys, Tenable and NFR Security)
Dig deeper on Vulnerability Risk Assessment
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.