LanSpy is network security scanner, which allows getting different information about computer.
LanSpy is a set of network utilities brought together in a single program with simple and easy-to-use interface. LanSpy help network administrators maintain and manage their networks.
LanSpy includes fast port scanner for gathering information about open ports on remote computer, LanSpy displays services using these ports.
Look at your computer with bad guys eyes!
LanSpy is made for gathering the following information about a remote computer: Ping, Domain name, NetBios names, MAC address, Server information, Domain (working group) information, Domain controllers, Remote control, Time, Disks, Transports, Users, Logged users, Global groups, Local groups, Security options, Shared resources, Sessions, Open files, Services, Processes, Registry, Event log, TCP ports, UDP ports.
What for?
-
Audit your network for security reason issues
-
View processes on remote computers
-
Show list of installed application on workstations
-
Detect shares, open ports and user accounts
LanSpy includes network tools:
Ping. Ping works by sending ICMP “echo request” packets to the target host and listening for ICMP “echo response” replies. Using interval timing and response rate, ping estimates the round-trip time between hosts.
Results:
-
Round Trip Time (RTT)
-
Time To Live (TTL)
Resolve Domain name.
Resolve NetBios names.
Resolve MAC address. Media Access Control address (IAN address) is a unique identifier attached to most forms of networking equipment.
Get Server information.
Get Domain (workgroup) information.
Get list Domain controllers.
Get information about Remote control.
-
Supported Remote Administration Protocol
-
Supported Remote Procedure Call
-
Supported Security Account Manager
Get Time on remote computer.
-
Time of Day
-
System loaded
-
Time Zone
-
Mean Time (GMT) zone
Disks. A:, C:, D: and etc.
Get list Transports. Retrieve information about transport protocols that are managed by the server.
Network adapters.
-
DNS Host Name
-
IP Address
-
IP Subnet
-
MAC Address
-
DHCP Enabled
-
DHCP Server
-
Default IP Gateway
Enumerate User accounts.
-
Full name – specifies the name of the user account.
-
Privilegies – indicates the level of privilege.
-
Home directory – specifying the path of the home directory for the user.
-
Comment – contains a comment to associate with the user account.
-
Comment user – contains a user comment.
-
Logon Server – contains the name of the server to which logon requests are sent. Server names should be preceded by two backslashes (\\). To indicate that the logon request can be handled by any logon server, specify an asterisk (\\*) for the server name. Empty string indicates that requests should be sent to the domain controller.
-
Script path – specifying the path for the user’s logon script file. The script file can be a .CMD file, an .EXE file, or a .BAT file. The string can also be empty.
-
Flags – determines several features. E.g.:
-
The logon script executed
-
The password should never expire on the account
-
-
Account type. For example:
-
This is a default account type that represents a typical user.
-
This is an account for users whose primary account is in another domain.
-
This account provides user access to this domain, but not to any domain that trusts this domain.
-
The User Manager refers to this account type as a local user account.
-
This is a computer account for a computer that is a member of this domain.
-
This is a computer account for a backup domain controller that is a member of this domain.
-
This is a permit to trust account for a domain that trusts other domains.
-
-
Password age.
-
Account expire.
-
Last logon.
-
Last logoff.
-
Bad password count.
-
Number logons.
-
Workstation.
Logged users.
Enumerate Global and Local groups.
Typical groups for Windows:
-
Administrators – Administrators have complete and unrestricted access to the computer/domain
-
Backup Operators – Backup Operators can override security restrictions for the sole purpose of backing up or restoring files
-
Guests – Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted
-
Power Users – Power Users possess most administrative powers with some restrictions. Thus, Power Users can run legacy applications in addition to certified applications
-
Replicator – Supports file replication in a domain
-
Users – Users are prevented from making accidental or intentional system-wide changes. Thus, Users can run certified applications, but not most legacy applications
Password policy – show security options of remote computer.
-
Minimum password length – Specifies the minimum allowable password length.
-
Maximum password age – Specifies, in seconds, the maximum allowable password age.
-
Minimum password age – Specifies the minimum number of seconds that can elapse between the time a password changes and when it can be changed again.
-
Force logoff – Specifies, in seconds, the amount of time between the end of the valid logon time and the time when the user is forced to log off the network.
-
Password history – Specifies the length of password history maintained.
-
Time before it is automatically unlocked
-
Time between any two failed logon
-
Number of invalid password
Shared resources – retrieves information about each shared resource on a server. E.g.: ADMIN$, C$, D$, IPC$ and etc.
Sessions – display information about sessions established on a server. Parameters:
-
Client – specifying the name of the computer that established the session
-
User – specifying the name of the user who established the session.
-
Time connection – number of seconds the session has been active.
-
Time idle – number of seconds the session has been idle.
Open files – display information about all open files on a server.
-
File Name – name of open file.
-
User – specifies which user (on servers that have user-level security) or which computer (on servers that have share-level security) opened the resource.
-
Permission – access permissions associated with the opening application.
Services – enumerates services on the specified computer.
Processes – display running processes on the remote computer.
Registry – display additional information about system from remote registry.
-
System Identifier
-
Processor Identifier
-
Stepping Processor Name
-
Processor Vendor
-
Processor MHz
-
Bios Date
-
Bios Identifier
-
Date Video BIOS
-
Video BIOS Identifier
-
OS Name
-
Product Id
-
Software Type
-
Current Build Number
-
Current Version
-
Current Type
-
CSD Version
-
Source Path
-
System Root
-
Registered Owner
-
Registered Organization
-
IE version
-
DirexctX version
-
Run
-
Installed Application
Event log – reads a whole number of entries from the specified event log e.g. Application, Security, System.
Network Statistics – retrieves operating statistics for a service. Currently, only the workstation and server services are supported.
Scan TCP ports – scan for multiple listening ports on a single target host. This is often used by administrators to check the security of their networks and by crackers to compromise it. The result of a scan on a port is usually generalized into one of two categories:
-
Accepted or Open: The host sent a reply indicating that a service is listening on the port.
-
Denied or Closed: The host sent a reply indicating that connections will be denied to the port.
E.g. result TCP port scanning
-
25 smtp = > Simple Mail Transfer Protocol
-
110 pop3 => Post Office Protocol – Version 3
-
135 epmap = > DCE endpoint resolution
-
445 microsoft-ds = > Microsoft-DS
Scan UDP ports. E.g. result UDP port scanning
-
135 epmap = > DCE endpoint resolution
-
445 microsoft-ds => Microsoft-DS
LanSpy complies only with Windows 2000/XP/2003.
LanSpy will help you to learn about a remote computer everything or almost everything.
