Nmap Security Tool Survey 104
spring writes "Every so often, the author of everyone's favorite network reconnaissance tool, nmap, runs a survey to determine which security-oriented software products are most popular. This year's tool survey was just released, and it contains some interesting results. Old favorites like Nessus, Snort, Netcat, and Ethereal made the list, of course. SAINT and SARA are still around. But a number of new tools appeared this year, like Windows-only GFI LANguard, SuperScan, and Cain & Abel. Nikto and Kismet demonstrate the growing importance of wireless networks. The survey contains many good tools. Certainly worth a read."
WAP Detectors (Score:4, Interesting)
What I want is something that scans for known MAC ID's or something to identifiy wireless access points without having to fly all over the country to do it.
There are plenty of wireless based scanners but they involve travel.
Any hints?
Strangely enough... (Score:5, Interesting)
Nessus is, however, a single tool, that can be as both useful to the white hat5 as it is the bl4ck hats.
It gets my number one tool vote as being as useful to both partys - yet completely impartial.
A very difficult road to tread indeed...
Timely article for my needs (Score:5, Interesting)
So I welcome any such article as the one posted here to help better educate me and get me up to date on the even the most mundane of utilities (I hadn't even heard of nessus/netcat)
I'm not a fresh unix convert or technically challenged, it's just that my occupation has demanded that I focus on front end and applicational development rather than network security and monitoring.
So to get by I've been using very basic common sense like running firewalls for port blocking, not running insecure services such as telnet and in the event that i have to (one of my servers is a multiuser webhost so I had to turn FTP on) research and run a more secure variant of that service (for FTP I opted for vsftpd over wu/pro)
And for security, besides my basic IP Masquerading and port blocking firewall (ya, it's that basic, I'm no guru) I run tripwire, which I run a sanity check daily as well as run snort.
This config runs on everyting from my OS X laptop to the RH9 boxes for dev/production serving and seems "ok" for the moment.
I do plan on evaluating/installing some kernal level patches to the RH boxen such as grsecurity [grsecurity.net] but I thought I'd use this topic to fish for pointers as I am also looking for some good educational material such as IP/Network configuration and indepth material on properly setting up an ironclad DMZ. So if anyone has some highly recommended links or knows of soome good books on amazon to point out or even comments to make here to give some pointers, i'd be much appreciative.
Wasn't nmap the tool of controversy from SGI? (Score:3, Interesting)
He developed it as a tool to help system administators secure their system but SGI did not like it because crackers could use it.
Was this SGI tool nmap or not? I was only 16 at the time and can't remember.
I am surprised ... (Score:2, Interesting)
Re:mac os X tools (Score:3, Interesting)
Anyway, if anyone here is interested in helping package Bastille for Mac, especially with that perl upgrade, please contact me!
- Jay