Open-AudIT - Network auditing application

About Open-AudIT

Open-AudIT is a network auditing application. It is based on the scripting languages of PHP, Bash and VBScript. It can tell you what is on your network, how it is configured and when it changes.
Data is retrieved with Bash and/or VBScript, stored in a database and viewed through a web interface.
The server only needs a web server (Apache and IIS have both been tested) and a MySQL install. Both of these applications are free to use.
Your network devices can be queried and audited. Results are stored in a database for viewing, reporting and change auditing. All interaction is via standards compliant web pages.
To setup Open-AudIT you will need the following - a webserver (IIS or Apache will do), PHP installed on the webserver, a MySQL database (usually residing on the webserver), the gd and imagick extensions for PHP. Once these are installed and working, simply download the application (download the SVN Trunk for the latest version). Extract the files into a directory on your webserver that is visible to the clients. Call the page setup.php in a web browser. Follow the prompts. It really should be that simple.
To audit Windows systems, you will need to run the 'firewall_enable.vbs' script locally on each system you wish to audit remotely. In a domain environment, you will need Administrative permissions to audit remote systems. Examine audit.config (in the scripts directory) and configure to your needs. Auditing your entire domain can be accomplished by a single command - or you could make a 'scheduled task' to audit the domain at a set time. You could also combine the audit script with your domain logon script, so that every time a system is logged on, it is also audited.
To audit Linux workstations, run the script audit_linux.sh (in the scripts directory) on each system.
To scan your network, use nmap.vbs (also in the scripts directory). Now, everything on you network will be visible to you and you will know if it changes.

License

Open-AudIT is licensed under the terms of the GNU General Public License as published by the Free Software Foundation. This gives you legal permission to copy, distribute and/or modify Open-AudIT under certain conditions. Read the 'LICENSE' file in the Open-AudIT distribution or read the online version of the license for more details. Open-AudIT is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE WARRANTY OF DESIGN, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE.

Features

Open-AudIT can track the following data on computer systems:
  • Hardware
    • Fixed Disks
    • Partitions
    • SCSI devices
    • Optical, Tape and Floppy Drives
    • Processor and Bios information
    • Memory Details
    • Network, Video and Sound Cards
    • Monitors
    • Modems
    • Keyboard and mouse
    • Battery Information
    • Locally attached printers
    • USB Devices
    • And More
  • Software
    • Installed and Uninstalled Software
    • Specific executable versions
    • System Components
    • Hotfixes and Patches
    • What is run at Startup
    • IE Browser Helper Objects
    • Services
    • Codecs
    • Software Install Keys
      • Windows (95, 98, ME, NT, 2000, XP, 2003, Vista)
      • Office (XP and 2003)
      • Crystal Reports (9, 11)
      • Autocad
      • Photoshop
      • Many Others
  • Operating System Settings
    • General Information (OS Type, Service Pack, Registered User, etc)
    • Shared Directories
    • Major Software Versions (IE, DX, Media Player)
  • Security Settings
    • AntiVirus
    • Firewall
    • Nmap discovered Ports
  • Users and Groups
  • IIS Settings
  • Disk Usage Graphs
  • Audit History

Networked Devices

Open-AudIT can audit network devices such as printers, switches, routers - anything with an IP Address can be audited. You can be alerted when new devices appear on your network.     

Reporting

Reports are available for:
  • Operating System Type
  • IE Versions
  • Firefox Versions
  • Memory Sizes
  • Processor Types and Speeds
  • Hard Disk sizes
  • Software Keys
  • Detected Network Servers
  • Newly Detected Software
  • Low Disk Space
  • Systems not audited for xxx days
  • Export to Inkscape, Dia, PDF
  • Custom reports by request

Software Licensing

New to Open-AudIT. Now you can keep track of installed software versus purchased licenses.

Source: http://www.open-audit.org
Document: https://community.opmantek.com/display/OA/Home

Nhận xét

Đăng nhận xét

Bài đăng phổ biến từ blog này

CLEANING UP THE ZABBIX DATABASE

My Zabbix database size increased a lot in the last few months and since my disk was running out space, I decided to clean up the old events from the database. Looking at the database tables, the biggest one was  history_uint , which holds the items history data – over 400 millions of records and over 30 Gb of disk space before the clean up. Since deleting the old records from this table directly would be a very slow process, I decided to create a new table and insert the latest records from the  history_uint  table and then just replace the old table with a new one. Since this is not an offical procedure, use it at your own risk. Environment: Zabbix v2.2 MySql 5.1 – InnoDB with  innodb_file_per_table=ON Step 1 – Stop the Zabbix server Step 2 – Open your favourite MySQL client and create a new table CREATE TABLE  history_uint_new  LIKE  history_uint; Step 3 – Insert the latest records from the  history_uint  table to the  history_uint_new table First you need to de
Đọc thêm

Configuring DHCP Relay service on the FortiGate unit

Configuring DHCP Relay service on the FortiGate unit If the clients are configured to obtain a IP address using DHCP relay, configure the FortiGate server as below: To configure DHCP relay on the FortiGate unit   1. Go to System > Network > Interfaces and select Interface want to configure DHCP relay.   2. Enable DHCP Server in the interface and choose Advanced   3. For Mode, select Relay.   4. In Type select Regular.   5. Select OK.   6. If a router is installed between the FortiGate unit and the DHCP server, define a static route to the DHCP server. Note : Sometimes it is required to specify more than one DHCP relay IP, to allow for the coverage of additional LAN subnets. Although the Web Based Manager (GUI) does not provide an option to configure this, it is possible to set up to 8 IPs from the CLI.       config system interface             edit <REQUIRED_INTERFACE_HERE>               set dhcp-relay-ip <FIRST_IP> <SECOND_IP> ....<EIGHTH_IP&
Đọc thêm

Stuxnet Trojan - Memory Forensics with Volatility | Part I

Hình ảnh
Stuxnet could be the first advanced malware. It is thought that it was developed by the United States and Israel to attack Iran's nuclear facilities. It attacked Windows systems using a zero-day exploit and It was focused on SCADA systems in order to  affect critical infrastructures... Also, it may be spread from USB drivers. It is necessary a squad of highly capable programmers with depth of knowledge of industrial processes and an interest in attacking industrial infrastructure to develop this malware. Kaspersky Lab concluded that the sophisticated attack could only have been conducted "with nation-state support" and a study of the spread of Stuxnet by Symantec says that it was spread to Iran (58.85%), Indonesia (18.22%), India (8.31%), Azerbaijan (2.57%).... Thanks to Malware Cookbook we can download a memory dump from an infected host with this malware in the URL below:  http://www.jonrajewski.com/data/Malware/stuxnet.vmem.zip Ok, let’s go. We are going to analyze i
Đọc thêm