Q

Testing if systems have been infiltrated

I need a simple, cost-effective way to be able to ascertain if any systems for which I am responsible are/have

been compromised.

It seems that there are solutions that cost a gazillion dollars (so I will never know if they work -- management won't spend that kind of money), or there are scanners and such that are free or low-cost but offer little in the way of solutions to the problem.

Do you have a solution that we can live with (and pay for)? What happened to good old Yankee ingenuity?
Well, this can be a complicated matter if we get down to the nitty gritty of looking at logs from an incident response perspective. Perhaps the best way to address this is for you to run tests against your own systems to see what the bad guys see (ethical hacking). There are a lot of variables here (OS, network design and so on), but here a few good tools you can use for starters to see where you stand:

  • SuperScan for Windows systems
  • Nessus vulnerability scanner
  • QualysGuard (definitely the most bang for your buck -- it will scan practically every platform for tons of vulnerabilities. You definitely get what you pay for here)
I go into all of this in detail in my book Hacking For Dummies. You can get two of its chapters for free at the following links: Hacking Exposed and Counter Hack are great resources, as well.
This was first published in August 2004

Dig deeper on Vulnerability Risk Assessment

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close