Exploring Security Testing Tools

There are many automated tools available to perform security testing. Some tools are meant for finding the open ports on every system in a range of IP addresses. Others are meant to find the vulnerabilities associated with the open ports. Yet other tools can capture (or sniff) and help you analyze them so you can glean useful information about what's going on in your network.

You can browse a list of top 50 security tools (based on an informal poll of nmap users) at www.insecure.org/tools.html. Table 22-8 lists a number of tools by category. I describe a few of the freely available vulnerability scanners in the next few sections.

Table 22-8: Some Popular Computer Security Tools

Type Names of Tools

Table 22-8: Some Popular Computer Security Tools

Type Names of Tools

Port scanners

nmap, Strobe

Vulnerability scanners

Nessus Security Scanner, SAINT, SARA, Whisker

(CGI scanner), ISS Internet Scanner, CyberCop Scanner,

Vetescan, Retina Network Security Scanner

Network utilities

Netcat, hping2, Firewalk, Cheops, ntop, ping, ngrep, AirSnort

(802.11 WEP encryption cracking tool)

Host security tools

Tripwire, lsof

Packet sniffers

tcpdump, Ethereal, dsniff, sniffit

Intrusion detection system (IDS)

Snort, Abacus portsentry, scanlogd, NFR, LIDS

Password checking tools

John the Ripper, LC4

Log analysis and monitoring tools

logcolorise, tcpdstats, nlog, logcheck, LogWatch, Swatch

Was this article helpful?

+1 0
Make Money Writing

Make Money Writing

This Report Will Show You How To Make Money By Providing Writing Services To Other Internet Marketers. Learn how to make money by writing the right way. Grab your copy of this report now and learn. Why writing is a great way to earn money. How to compete with cheap writers, even if you charge a lot more money.

Get My Free Ebook


Post a comment