Top 100 Network Security Tools is the third article in a series on audit and security tools. The first article, How to Stay out of Jail, stresses that you need a GOOJ card before you use any security tools or techniques. The second article, What Needs to be on a GOOJ Card, outlines how to create a GOOJ card.
Key point: Never use security or cracker tools on networks or devices that you do not own unless you have permission in writing.
In this article, I describe a few security tools that I believe every auditor or security analyst should be familiar with, or at the very least, be aware of.
[ W A R N I N G : The following links are often categorized by web filters as Hacking links, but only because the tools on this website are used by crackers as well as auditors and security analysts. This is a safe website, but the "watchers" at your workplace may not agree - BEWARE]
The Top 100 Network Security Tools (the updated list has 125 now) are listed at sectools.org, which is maintained by Fyodor (aka Gordon Lyon, who is one of the IT Security Pioneers I mentioned previously). Most of the tools are free, some are open source, and some are commerical tools. The list contains links to the website where you can download or purchase the tools.
Some of the tools described below are not that hard to learn. Some require some a little computer or network knowledge, but the average IT guy or sharp IT auditor should know enough to learn these tools. The point to remember is that the average geek or cracker won’t have that much trouble mastering them and pointing them at your network assets–that’s why YOU need to be aware of them.
The following tools are free:
Nmap: The grandfather of security scanners (runs on most operating systems), created by Fyodor.
Nmap identifies the hosts that are available on the network, what operating system and services (HTTP, FTP, etc.) they are running, the type of packet filters/firewalls in use, and more. Basic operations are easy to learn. If you learn the basics of only one tool out of 100, make it this one.
Cain and Abel: The top password recovery tool for Windows
This software is a sniffer that captures plain text and encrypted passwords as they go by on the network. Unlike Wireshark, the heavy-duty sniffer (also a top 100 tool for Windows), Cain is easier to learn and use (good manual on website). Cain can also be used to crack encrypted passwords.
I like to use this tool at work to prove that unencrypted passwords are easy to capture off the network. Just fire up Cain, start the sniffer piece, and log into the application from your PC, and watch the password magically appear.
NetStumbler: Windows wireless (802.11) sniffer
This is the easiest way to find open (unsecured) wireless access points on your network. It’s not as robust as Kismet (another top 100 tool for Windows). I suggest you try both of them.
Superscan: Port scanner for Windows
Basic functions are simple, and requires no installation. Great for running off a thumbdrive. Good manual on website.
I suggest you try these out on your home network, and if you do start using them at work, aim them only at test systems until you know what you’re doing.
Let me know what you think of them and whether you found them easy or hard to use. Do you have other tools you rely on?
If you’re an IT auditor and you haven’t used at least 5 of these tools, you’re not doing your job. If your company won’t allow you to use them, then at least do the basics described in the following posts:
Again, the link to the Top 100 Network Security Tools is sectools.org.
See also 20+ best FREE security tools from cso.com. Unfortuantely, it’s an annoying slide show, but it includes NMAP, Metasploit, and other well-knowns like Wireshark, but also includes tools like the Samurai Web Testing Framework, Fierce Domain Scan, and Threadfix.