Within the context of computer networking, auditing is the process of analysing a network for its usage and security. There are several third-party auditing applications available, but Microsoft Windows comes built in with tools for auditing. Audits can also be done manually without software, but in this blog post I will be looking at the effectivness and use of automated audits.
Auditing tools carry out automated scans (audits) that determine the security and functionality of a network. On top of this, audits also review the performance/optimisation of a network. Once an audit is complete, a report, summarising any findings, is sent to network adminstrators for action to be taken.
While scanning, auditing tools view all network nodes and scan all files and services and look out for possible threats. These can be identified if certain patterns a found, or if unauthorised items or known threats are detected.
The data retrieved from the network by the audit can be used to find out many things:
- What logins are regularly targeted
- What is being used/accessed by certain users
- The time of occurences
- Possible malicious files
- Network Intrusion
- and more…