Nmap Security Tool Survey 104
spring writes "Every so often, the author of everyone's favorite network reconnaissance tool, nmap, runs a survey to determine which security-oriented software products are most popular. This year's tool survey was just released, and it contains some interesting results. Old favorites like Nessus, Snort, Netcat, and Ethereal made the list, of course. SAINT and SARA are still around. But a number of new tools appeared this year, like Windows-only GFI LANguard, SuperScan, and Cain & Abel. Nikto and Kismet demonstrate the growing importance of wireless networks. The survey contains many good tools. Certainly worth a read."
I know the *most* popular security purchase..... (Score:4, Informative)
When a windows java exploit can reformat your disk by visiting a malformed web page, you don't really have to wonder why they're so popular.
Ethereal a security tool ? (Score:4, Informative)
Re:Security tools are awesome, but.... (Score:3, Informative)
Last I checked, Nikto had nothing to do with wireless networks. It's a web server scanner based off Whisker [wiretrip.net].
Re:Ethereal a security tool ? (Score:4, Informative)
mac os X tools (Score:5, Informative)
rpg [well.com] password generator
kismac [binaervarianz.de] a kismet equivalent that also includes a WEP cracker. very nice!
macanalysis [macanalysis.com] a really good security tools suite
Wellenreiter (Score:5, Informative)
Re:WAP Detectors (Score:4, Informative)
The popular scanning solutions include several APs that cover your building/area and passivly listen for WiFi traffic. They are typically permamently mounted and listening.
Re:Ethereal a security tool ? (Score:4, Informative)
Sometimes ducks don't just quack. The sometimes fly and lay eggs too.
Re:WAP Detectors (Score:4, Informative)
Re:Wasn't nmap the tool of controversy from SGI? (Score:5, Informative)
You're almost certainly thinking of Dan Farmer's SATAN. Read the story for yourself. [svn.net]
uh.. wrong product name? (Score:4, Informative)
It's now called Nagios [nagios.org]
Re:Wellenreiter (Score:5, Informative)
Wellenreiter only received 6 votes (even after correcting for poor spelling :) and 10 were needed to place #75. But since it is clearly a useful free tool, I just added a link to it in the Kismet entry. [insecure.org]
Thanks for the suggestion,
-Fyodor
Concerned about your network security? Try the free Nmap Security Scanner [insecure.org]
Re:I am surprised ... (Score:5, Informative)
AIDE [cs.tut.fi] only received 4 votes, while 10 were needed to place #75. But I agree that it is a useful free tool that potential Tripwire [tripwire.com] users should know about. And so I have added an AIDE link to that entry [insecure.org].
Thanks,
-Fyodor
Concerned about your network security? Try the free Nmap Security Scanner [insecure.org]
Re:friewall (Score:4, Informative)
OT: Secure your SGI today... (Score:3, Informative)
2) Install the security patches [sgi.com] for your version of IRIX (note that IRIX releases previous to 6.5.15 will probably not have the most recent security patches available).
3) If you're a security newbie, run the "Improve System Security" application... it can be found under the Security and Access Control section of the System Manager.
4) Install IPFilter [sgi.com], be sure to learn how to use it [sgi.com].
5) Subscribe [sgi.com] to SGI's security advisory mailing list.
6) Newbies outta read some of SGI's other sysadmin manuals as well:
Personal Sysadmin [sgi.com]
IRIX Admin [sgi.com]
7) Update your various freeware apps... be sure to read the seperate freeware security notice:
http://freeware.sgi.com [sgi.com]
Eeye (Score:4, Informative)
APTools (Score:4, Informative)
Re:Eeye (Score:3, Informative)
But I wonder if it's not a bad thing that these tools are starting to auto-fix so many items, like the aforementioned Retina and the registry issues. Call me old-fashioned, but I like my people to fix the problems on a box by actually getting onto the box and doing it from there. That way you can also tell if anything... funky... is going on. NT/2000 will do that to you sometimes. Responds to remote requests OK, but there's something going hogwild that you don't really notice until you get onto the console.
Plus, of course, the more people just click a button for scan, and another for fix, the less they'll know what to do if the "fix" button doesn't work in a certain case.