How it Works
EEye Digital Security
Loading...
R
Loading...
Loading...
Retina
User Manual
103 pgs2.87 Mb0

EEye Digital Security Retina User Manual

Users Manual
®
Retina
Network Security Scanner
Retina Users Manual
Warranty
This document is supplied on an "as is" basis with no warranty and no support.
Limitations of Liability
In no event shall eEye Digital Security be liable for errors contained herein or for any direct, indirect, special, incidental or consequential damages (including lost profit or lost data) whether base d on warranty, contract, tort, or any other legal theory in connection with the furnishing, performance, or use of this material.
The information contained in this document is subject to change without notice. No trademark, copyright, or patent licenses are expressly or implicitly granted (herein) with this manual.
Disclaimer
All brand names and product names used in this document are trademarks, registered trademarks, or trade names of their respective holders. eEye Digital Security is not associated with any other vendors or products mentio ned in this document.
Retina
© 2004-2005 eEye Digital Security. All rights reserved. | R-M-031405 This document contains information, which is protected by copyright. No part of this document may be photocopied,
reproduced, or translated to another language without the prior written consent of eEye Digital Security.
®
Network Security Scanner Users Manual
Collateral Information
For the latest updates to this document, please visit: http://www.eeye.com/partners
Revision: 5-2-12
i
Table of Contents
Retina Users Manual
Table of Contents
Table of Contents.............................................................................................................................................................i
Introduction.....................................................................................................................................................................1
Preface ..........................................................................................................................................................................1
Audience........................................................................................................................................................................1
Customer Support .........................................................................................................................................................1
Conventions Used in this Manual..................................................................................................................................1
Collateral Information ....................................................................................................................................................1
Installation.......................................................................................................................................................................1
Installation Requirements..............................................................................................................................................1
Installing Retina from the CD-ROM...............................................................................................................................1
Opening the Installation Wizard with Run Dialog..........................................................................................................7
Installing Retina from the Command Line.....................................................................................................................8
Uninstalling Retina.......................................................................................................................................................10
Uninstalling Retina from the Command Line...............................................................................................................12
Retina Sessions...........................................................................................................................................................13
Starting Retina.............................................................................................................................................................13
Startup Message................................................................................................................................................13
Using the Retina Interface...........................................................................................................................................13
Menu Bar.....................................................................................................................................................................13
Shortcut Bar.................................................................................................................................................................13
Status Bar....................................................................................................................................................................15
Tabs Pane...................................................................................................................................................................15
Options Dialog.............................................................................................................................................................15
Using the Getting Started Wizard................................................................................................................................16
Using the Discover Tab................................................................................................................................................25
Accessing the Discover Tab........................................................................................................................................25
Starting a Discovery Scan...........................................................................................................................................26
Creating a New Address Group from Scan Results....................................................................................................28
Appending to an Existing Address Group...................................................................................................................29
Clearing Discovered Items ..........................................................................................................................................30
Sorting the Scan Results.............................................................................................................................................30
Using the Audit Tab......................................................................................................................................................32
Accessing the Audit Tab..............................................................................................................................................32
Starting an Audit Scan.................................................................................................................................................33
Audit Results......................................................................................................................................................35
Creating and Modifying Groups...................................................................................................................................37
Port Groups........................................................................................................................................................37
Address Groups.................................................................................................................................................38
Audit Groups......................................................................................................................................................39
Always Groups...................................................................................................................................................40
Credential Management..............................................................................................................................................40
Overview............................................................................................................................................................40
Deployment/Installation Decisions.....................................................................................................................40
Local Access to non-Windows™ devices..........................................................................................................40
Managing Credentials........................................................................................................................................42
Using the Remediate Tab.............................................................................................................................................44
Accessing the Remediate Tab ....................................................................................................................................44
i
Table of Contents
Retina Users Manual
Generating a Remediation Report...............................................................................................................................45
Printing a Remediation Report....................................................................................................................................46
Editing a Remediation Report in Microsoft Word™.....................................................................................................46
Saving a Remediation Report .....................................................................................................................................46
Using the Report Tab....................................................................................................................................................47
Accessing the Report Tab...........................................................................................................................................47
Generating a Report....................................................................................................................................................48
Printing a Report..........................................................................................................................................................49
Saving a Report...........................................................................................................................................................49
Scheduling Scan Jobs..................................................................................................................................................50
Using the Scan Jobs Pane...........................................................................................................................................52
Completing Scan File Procedures ..............................................................................................................................54
Opening a Scan File....................................................................................................................................................54
Deleting a Scan File ....................................................................................................................................................54
Options...........................................................................................................................................................................55
Customizing Retina .....................................................................................................................................................55
General Options ..........................................................................................................................................................55
Appearance........................................................................................................................................................56
Logging..............................................................................................................................................................56
Auto Update.......................................................................................................................................................57
Central Policy.....................................................................................................................................................57
Event Routing..............................................................................................................................................................57
REM...................................................................................................................................................................57
OPSEC ..............................................................................................................................................................57
Scanner.......................................................................................................................................................................57
Performance ......................................................................................................................................................58
Reliability............................................................................................................................................................59
Retina Extras.................................................................................................................................................................60
Using a DSN to Store Session Data............................................................................................................................60
Viewing Previous Jobs from a DSN ............................................................................................................................60
Auto Update...................................................................................................................................................................61
What is Auto Update....................................................................................................................................................61
Manual Update ..............................................................................................................................................................62
License Management....................................................................................................................................................65
Running Retina for the First Time ...............................................................................................................................65
Migrating Retina to a New Machine ............................................................................................................................65
Terminating a License.................................................................................................................................................66
Retina Audit Wizard......................................................................................................................................................67
Using the Plugins Wizard.............................................................................................................................................79
Using Retina From the Command Line ......................................................................................................................80
Retina.exe: ..................................................................................................................................................................80
RetRPC_Client.exe .....................................................................................................................................................80
ii
Table of Contents
Retina Users Manual
Glossary.........................................................................................................................................................................82
iii
Introduction
Retina Users Manual
Introduction
Preface
The Retina Network Security Scanner is designed to work in conjunction with your existing systems, networks, security packages, databases, and user interfaces. This enables you to proactively guard against intrusion by regularly testing the integrity of your network to uncover and fix potential security weaknesses.
Audience
This manual is intended for network security administrators who are responsible for protecting their organization's computing assets. Readers are expected to be familiar with networking and security concepts, and should be capable of performing routine network administration tasks.
Customer Support
eEye customer support can be reached by completing a support request form on the Contacts or Support page of our Web site at site.
http://www.eeye.com/. The most up-to-date customer service information is posted on the eEye Web
Conventions Used in this Manual
The following list shows typographic and usage conventions of this manual: Bold text represents commands, interface buttons, and dialog names, except when they appear in window examples
or the contents of files.
Purple underline text indicates a hypertext link to a topic within the manual or a Web site.
Monospace text represents context specific values including Windows™ NT path names. Underline Character underline represents the shortcut key or key combination you can enter as a command to cause
the specified function to occur. For example, if the command is Add rule, you can press the letter A on your keyboard to display the wizard that you
can use to create a rule.
Collateral Information
For the latest updates to this document, complete the following:
Log in to
Enter your Client Username and Password in the provided fields.
Your Client Username and Password are provided in your purchase confirmation e-mail.
Click the Product Documentation link.
https://www.eeye.com/clients from your Internet browser.
Click the Retina User Manual link.
Click save to download a copy of the manual.
The Security Page displays links to eEye product user manuals.
Click the link of the manual you want to view.
1
Installation
Retina Users Manual
Installation
Installation Requirements
To install the eEye Retina Security Scanner, your server must meet at least the following minimum system requirements:
Windows NT™ Version 4.0 SP3 or higher (Windows 2000 or 2003 Server recommended)
Internet Explorer™ Version 4.01 or higher
32 MB of memory
16 MB of free disk space
Internet connection (optional for remote scanning, required for regular updates)
To install the eEye Retina Security Scanner, we recommend the following system:
Windows 2000™ or 2003 Server
Internet Explorer™ Version 5.5 or higher
512 mb of memory
1 gb of free disk space
Internet connection
Installing Retina from the CD-ROM
If you meet the system requirements specified above, complete the following steps to install Retina from the provided CD-ROM. eEye recommends that you exit all Windows™ programs before you run the Retina Installation Wizard
Insert the Retina CD into your workstation’s CD-ROM drive.
1. Select the CD-ROM drive, and then click Note: If the Auto Play option is disabled for your CD-ROM drive, access the CD-ROM drive through
Windows Explorer or My Computer and double-click on the Ret i n a Setup.exe file.
The Welcome screen of the Retina Installation Wizard appears.
RetinaSetup.exe.
1
Installation
Retina Users Manual
2. Click Next >. The License Agreement window appears.
2
Installation
Retina Users Manual
Review the End-User Software License Agreement. You must accept the license agreement to continue using the Retina Installation Wizard.
3. Click Yes. The Destination Folder window appears.
3
Installation
Retina Users Manual
This window allows you to select the directory where the installation wizard will install the Retina files.
4. Do one of the following:
Accept the default destination folder: C:\Program Files\eEye Digital Security\Retina 5\.
Click Browse, and select a folder where you want the Retina files to be installed.
5. Click Next >. The Ready to Install the Application window appears.
4
Installation
Retina Users Manual
6. Click Next >.
The install program displays a progress bar and shows the files as the application copie s the m to your system.
5
Installation
Retina Users Manual
Once Retina is completely installed, the following screen displays to confirm a successful installation.
6
Installation
Retina Users Manual
7. Click Finish.
The Retina Installation Wizard closes. If reboot is required the Installer Information window appears.
8. If the window appears, do one of the following:
Click OK to have the installation program restart your system so the changes can take effect.
Click Cancel if you plan to restart your system manually later.
Opening the Installation Wizard with Run Dialog
Complete the following steps to open the Retina Installation Wizard from Windows™ Run Dialog rather than directly off the CD-ROM. eEye recommends that you exit all Windows™ programs before you run the Retina Installation Wizard.
Note: Make sure you have inserted the Retina CD into your workstation’s CD-ROM drive.
7
Installation
1. Click the Windows™ Start button.
2. Click Run from the list of options. The Run dialog box appears.
3. Type the drive letter of your CD-ROM drive.
For example, enter D:\ if your CD-ROM drive is the D drive.
Retina Users Manual
4. Type
In the following example, the entire path is D
5. Click OK. One of the following occurs:
RetinaSetup.exe after the CD-ROM drive letter.
:\RetinaSetup.exe
If you entered the correct path for RetinaSetup .exe, the Welcome window of the Retina Installation Wizard appears.
If you entered the incorrect path to RetinaSetup.ex e, an error message appears.
If need be, complete the following steps to display the Welcome window of the Retina Installation Wizard:
Click Browse.
Find and double-click the Retina Setup icon.
Click OK when the Run dialog box reappears and displays the path name you selected.
The following example is the Welcome window of the Retina Installation Wizard.
Installing Retina from the Command Line
Complete the following steps to open the Retina Installation Wizard from the Windows™ Command Prompt rather than directly off the CD-ROM. eEye recommends that you exit all Windows™ programs before you run the Retina Installation Wizard.
1. From the command prompt change directories to the location of RetinaSetup.exe (i.e. CD \windows\temp).
8
Installation
Retina Users Manual
2. Then enter “RetinaSetup” and press enter. At this point you can also use one or more of the following command line switches:
REINSTALLMODE=”amus” – This will cause all files to be overwritten whether they are newer than the installation files or not.
/qn – Completely silent. No User interface is displayed. If a reboot is required, Windows Installer will automatically reboot the system at the end of installation.
/qb – Basic user interface. Only a progress dialog is displayed to the user. If a reboot is required, Windows Installer will prompt the user to reboot.
INSTALLDIR=”…” - Installation folder (where … is the path to install). Set this property to change the default installation path.
CREATEDESKTOPICON=”0” – Disables creation of a desktop icon for Retina. This option is enabled by default. Set to 0 to prevent creation of the icon.
CREATEQUICKLAUNCH=”0” – Disables creation of a quick launch icon for Retina. This option is enabled by default. Set to 0 to prevent creation of the icon.
/l*v “C:\RetinaInstallLog.txt” - Enables full logging. This should only be used for debugging if problems occur during installation.
REBOOT=”ReallySuppress” – Used to suppress the automatic reboot when using the /qn silent option above. The reboot still needs to occur, for the software to run properly.
SERIALNUMBER=”…” – Sets the serial number (where … is the actual serial number to use).
CFPATH=”…” – Path for Common eEye Digital Security files such as eEye Auto Update. If another eEye
product is already installed, this parameter is ignored since the common path must be the same for all eEye products.
3. The Welcome screen of the Retina Installation Wizard appears.
4. Continue from step 3 in Installing Retina from the CD-ROM (page
1).
9
Installation
Retina Users Manual
6. Go to step 3 of Installing Retina from the CD-ROM for procedures on using the Retina Installation Wizard to
install Retina.
Uninstalling Retina
Complete the following steps to remove Retina from your workstation using the Retina Uninstall Wizard. eEye recommends that you exit all Windows™ programs before you run the Retina Uninstall Wizard.
1. Click the Windows™ Start button.
2. Go to Settings and click Control Panel.
The Control Panel appears.
3. Click Add/Remove Programs. The Add/Remove Programs window appears.
4. Click Retina from the list of installed programs.
10
Installation
Retina Users Manual
5. Click Remove. Windows™ displays a prompt to allow you to continue the uninstall of Retina. Select Yes to continue.
6. The uninstall displays a prompt asking if you would like to remove your Retina license from the machine. Select Yes to remove the license, or No to keep the license for later use on the same machine.
11
Installation
Retina Users Manual
7. A progress bar displays, showing the status of the uninstall. When the uninstall has completed, the progress
dialog closes.
In some system configurations, a system reboot may be required in order to complete the uninstall. If this is the case, the uninstall will prompt if you would like to reboot now.
Uninstalling Retina from the Command Line
Complete the following steps to remove Retina from your workstation using the Windows™ Installer from the command line. eEye recommends that you exit all Windows™ programs before you run the Windows™ I nstaller.
1. Open the Windows™ Command Prompt.
2. Enter “Msiexec.exe /x {59404E7D-BE5F-4668-9BDF-52C98FCA09D1} “ and press enter.
3. Follow the prompts. There are a number of options available to uninstall from the command line. These are: REMOVELICENSE=”1” – Remove the license during uninstall without prompting. REMOVELICENSE=”0” – To keep the license without prompting during uninstall. REMOVECONFIGURATION=”0” – To keep your configuration data without prompting. REMOVECONFIGURATION=”1” – To remove configuration data without prompting.
12
Installation
Retina Users Manual
Retina Sessions Starting Retina
Complete the following steps to start the Retina Interface:
1. Click the Windows™ Start button.
2. Click Programs > eEye Digital Security > Retina Network Security Scanner Note: If this is the first time you’ve used Retina, the License Management screen will appear. See License
Management on page 65, for instructions on installing your Retina license.
Retina starts and the main menu of the interface appears as shown in the following section.
Startup Message
To have Retina display information prior to starting, such as access warning messages. Place the text warning into a file named “WarningInfo.htm” in the Retina installation directory. This file will display in a text box when Retina starts. The user will have to click the OK button to start Retina or close the window to abort it. This text box is an HTML display control, so common HTML elements may be used to add text formatting.
Using the Retina Interface
The Retina Interface is the first window that appears when you log on to the Retina software. You can select the Retina features that you want to use from the toolbar or the provided tabs. The toolbar also provides options you can use to navigate to the next or previous window. Drop-down menus provide lists of commands.
The Retina Interface always saves your preferences and displays your settings from previous sessions.
Menu Bar
The Retina Interface drop-down menus provide standard commands you can select. The menu bar always appears at the top of the Retina Interface window.
The following drop-down menus are provided from the Retina Interface:
File – to open scan files and set DSN locations Edit – normal cut, copy and paste editing functions View – display or hide the QuickScan, Explorer or Status bars. Tools – audits and plugins wizards; access to address, audit and port group modification dialogs; credential
management; updates and program options Help – links to product help, support, eEye sales, license management and information about the product version
Shortcut Bar
Retina displays the following shortcut bars in the left vertical windowpane:
Tasks
13
Installation
Other Places Help and Support
Retina Users Manual
Tasks: appears at the top left pane of the Retina Interface window, and displays options for the selected Retina security task tab. For example, the shortcut bar for the Remediate Tasks menu displays tasks including, Generate Reports and Print Reports
Other Places: appears below the Tasks shortcut bar at the middle left pane of the Retina Interface window. This displays the Retina tasks (except the task that is currently selected) that you can select and use such as Audit, Reports, Remediate, and Options.
14
Installation
Retina Users Manual
Help and Support: appears below the other shortcut bars at the bottom left pane of the Retina Interface window.
This provides options you can select to view general information about the Retina Network Security Scanner and eEye Digital Security Solutions.
Status Bar
Retina uses the status bar at the bottom of the window to display messages from the task Retina is currently processing.
Tabs Pane
The Tabs pane is the main window of the Retina Interface. It displays tabs you can select to use the features associated with each Retina task. You can select from the following tabs:
Discover Audit Remediate Report
Options Dialog
The Options dialog allows you to set your preferences for various Retina settings, such as event routing, automatic updates, scanner tuning and other general configurations.
To access the Options dialog, select Tools > Options. The following example shows the Options dialog. The General tab displays by default when you select Options.
15
Installation
Retina Users Manual
Using the Getting Started Wizard
The Retina Getting Started Wizard provides a brief introduction to using the Retina Network Security Scanner to perform a vulnerability scan and analyze the results.
Complete the following procedure to use the Retina Getting Started Wizard:
1. Select Help > Getting Started from the Retina Interface menu bar. Note: The wizard automatically also appears after you install Retina.
The Welcome to Retina window appears.
16
Installation
Retina Users Manual
2. Click Next > on the Retina Getting Started Wizard. The Beginning a Scan window appears.
17
Installation
3. Select the Audit tab on the Retina Interface.
4. Click Next > on the Retina Getting Started Wizard.
The Scanning a Range of IP Addresses window appears.
Retina Users Manual
5. Do one of the following from the Audit tab:
Enter an IP address for Retina to scan in the Address field, or complete the following procedure to enter a range of IP addresses.
Enter a range of IP addresses for Retina to scan as follows:
Click the IP Range radio button
Enter an IP address in the From field
Enter another IP address in the To field
6. Click Scan from the Audit tab. The status bar displays the scan’s progress. When the scan is complete, the main Retina pane displays general information and audit details for the selected IP address(es).
7. Click Next > on the Retina Getting Started Wizard. The Selecting Scanned Ports window appears.
18
Installation
Retina Users Manual
8. Click Next > on the Retina Getting Started Wizard. The Selecting Audit Groups window appears.
19
Installation
Retina Users Manual
9. Click Next > the Retina Getting Started Wizard.
The Analyzing Scan Results window appears.
20
Installation
Retina Users Manual
10. Review the scan information for the selected IP address(es) that appears in the main Retina pane of the Audit
tab. The General section displays information including the IP addresses, report date, domain name, and so o n.
The Audits section displays images that represent the highest risk level of the audits found on the select system. The image is color coded to match Retina’s audit risk level settings (see Audit Results on page
11. Click any entry from the Audits section to display more information in the Details pane.
12. Click Next > on the Retina Getting Started Wizard.
The Retrieving Scan Results window appears.
35 for more information).
13. Click Next > on the Retina Getting Started Wizard. The Printing A Report window appears.
21
Installation
Retina Users Manual
14. Select the Reports tab on the Retina Interface if you want to create a report of your scan results. Then, click Generate.
The report you created appears in the Results pane of the Retina Interface. Use the scroll box to move vertically through the report.
To print your report, click Print Report from the Report Tasks shortcut bar.
15. Click Next > on the Retina Getting Started Wizard.
The Printing An Executive Report window appears.
22
Installation
Retina Users Manual
16. Click Next > on the Retina Getting Started Wizard.
The Additional Information window appears.
23
Installation
17. Click Finish to exit the Retina Getting Started Wizard.
Retina Users Manual
24
Loading...
+ 73 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use