Useful Security Tools

The Internet Connection Analyser http://netalyzr.icsi.berkeley.edu/

The Netalyzr analyses various properties of your Internet connection that you should care about — including blocking of important services, HTTP caching behavior and proxy correctness, your DNS server’s resilience to abuse, NAT detection, as well as latency & bandwidth measurements — and reports its findings in a detailed report. You can check out an example report from a real network to get a better idea of our tests.

To perform these tests, the Netalyzr runs a Java applet on your computer. You may be asked to confirm network-related activities that your system’s applet security policy or firewall considers sensitive. We hope that you will permit any such activity, as it will ensure more comprehensive test results. For details on the tests that will be performed please visit the FAQ section.

Click the link below to launch the probe applet. If you don’t see a clickable link, you don’t have Java installed, it is not enabled in your browser, or your runtime is incompatible. In that case, see the FAQ section for help. Users of Firefox’s “NoScript” add-on may need to reload this page and wait a few seconds for Java to start.

 

Metasploit is a very good security testing framework http://www.metasploit.com/

If you are trying to learn about Metasploit and penetration testing, Metasploit Community Edition is your best option. Metasploit Community Edition simplifies network discovery and vulnerability verification for specific exploits, increasing the effectiveness of vulnerability scanners such as Nexpose – for free. This helps prioritize remediation and eliminate false positives, providing true security risk intelligence. IT professionals can demonstrate the impact of vulnerabilities to IT operations to obtain buy-in for remediation.

 

Nmap is the network tool for profiling operating system, however if you prefer a graphical interface then I tend to use zenMap http://nmap.org/zenmap/

Nmap (“Network Mapper”) is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).

 

We use eEye Retina for our vulnerability scanning http://www.eeye.com/products/retina/retina-network-scanner

 

Cain & Abel was the other tool I mention, beware though that most virus scanners will detect it as a malicious application http://www.oxid.it/cain.html

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness present in protocol’s standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some “non standard” utilities for Microsoft Windows users.

Cain & Abel has been developed in the hope that it will be useful for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration tester and everyone else that plans to use it for ethical reasons. The author will not help or support any illegal activity done with this program. Be warned that there is the possibility that you will cause damages and/or loss of data using this software and that in no events shall the author be liable for such damages or loss of data. Please carefully read the License Agreement included in the program before using it.

The latest version is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs and Man-in-the-Middle attacks. The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms. The new version also ships routing protocols authentication monitors and routes extractors, dictionary and brute-force crackers for all common hashing algorithms and for several specific authentications, password/hash calculators, cryptanalysis attacks, password decoders and some not so common utilities related to network and system security.

DNS Benchmark is very useful for determining the performance of DNS Servers http://www.grc.com/dns/benchmark.htm

A unique, comprehensive, accurate & free Windows (and Linux/Wine) utility to determine the exact performance of local and remote DNS nameservers . . .


The other thing I use quite a bit is BackTrack 5, it’s a suite of tools built into a linux distro rather than a single application http://www.backtrack-linux.org/

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s