Jump to content

Network scans/local accounts, etc


antidumb

Recommended Posts

Greetings, all. I work for an MSP and we may be taking over for a rather aggressive IT manager. The potential client is interested in cost savings and better service overall. We feel he may have some backdoors installed on various sytems and we're trying to figure out how best to suss them out as much as possible. We're looking at Spiceworks for a quick and dirty map of things, but that won't really give us info on local admin accounts, etc. if I remember correctly.

What we're looking for is a tool or some combination of tools to make our lives easier with the scan. I don't care about platform and I'm fine with paying. Free and Windows-based would be best, though. ;)

Link to comment
Share on other sites

Given the fact that it's next to impossible to prove something isn't there and you currently distrust the system, wouldn't both you and your client be better off to reinstall the machines in question? If anything I would hope this is the long-term goal you're working towards...

After a quick google the first thing that hit my screen which may be appliccable is Hyena. Subsequent find is ARKWE. No idea how appliccable either are to your specific needs.

Link to comment
Share on other sites

I don't know that scrubbing will be an option. That would, of course, be the BEST plan of action, but the client may not be down for it. I'm sure you know clients don't always go for things that are in their best interest. What we're looking to do is get as much info as possible. There may be nothing nefarious, but we need to do our due diligence. We need to get as much of a map of the location as we possibly can. It's not so much that we specifically distrust the current setup. I just don't know, which makes me wary.

I'll look into both tools. We can get hands-on with everything if need be, but if we can pop a tool on a system and do a scan, it's going to be much easier. They have ~50 desktops and laptops and a half dozen or so servers. Automated is the way to go if possible.

Thanks, Cooper.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...