I wrote a script that does most of this - it's very easy to customize to add additional checks: (it doesn't check specifically for AV - but you could add a module on this, or review the running processes or services on the system, which is included in the output.) http://online.securityfocus.com/data/tools/nt_audit_script12.zip (thanks to Patrick Heim who wrote portions of this script) At 11:03 PM 5/9/2002 +0000, Jason wrote: >I will be performing a workstation audit on 300 W2k >workstations across the network. > >I need to scan to see: >1. If there are any trojans running on these hosts. >2. Whether shares are activated on these hosts. >3. Whether anti-virus is installed. > >I will have domain administrator rights and all >workstations are in the windows NT 4.0 domain. > >What tools do people recommend for performing each of these >steps? I will be scanning for workstations within a >specific IP range. > >For Trojan Scanning I have seen tools like TFAK. But I am >not sure how good it is and I know it can't be run on a >block of IP's. > >For determining whether shares are activated maybe I could >use something like Legion ? > >For determining whether anti-virus is installed I need a >tool that can dump a list of services running on a remote >host for a block of IP addresses. > >Any help appreciated. > > >---------------------------------------------------------------------------- >This list is provided by the SecurityFocus Security Intelligence Alert (SIA) >Service. For more information on SecurityFocus' SIA service which >automatically alerts you to the latest security vulnerabilities please see: >https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon May 13 2002 - 13:23:08 PDT