Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Security

Nmap Security Tool Survey 104

Posted by michael from the portscanning-for-fun-and-profit dept.
spring writes "Every so often, the author of everyone's favorite network reconnaissance tool, nmap, runs a survey to determine which security-oriented software products are most popular. This year's tool survey was just released, and it contains some interesting results. Old favorites like Nessus, Snort, Netcat, and Ethereal made the list, of course. SAINT and SARA are still around. But a number of new tools appeared this year, like Windows-only GFI LANguard, SuperScan, and Cain & Abel. Nikto and Kismet demonstrate the growing importance of wireless networks. The survey contains many good tools. Certainly worth a read."
This discussion has been archived. No new comments can be posted.

Nmap Security Tool Survey More

Nmap Security Tool Survey

Comments Filter:

  • WAP Detectors (Score:4, Interesting)

    by muzzmac ( 554127 ) on Sunday May 04, 2003 @09:27PM (#5878085)
    Has anyone seen a decent piece of software that can find WAP's on your network by scanning from the wired part of your network?

    What I want is something that scans for known MAC ID's or something to identifiy wireless access points without having to fly all over the country to do it.

    There are plenty of wireless based scanners but they involve travel.

    Any hints?

  • Strangely enough... (Score:5, Interesting)

    by GC ( 19160 ) on Sunday May 04, 2003 @09:40PM (#5878140)
    While all these tools turn out to be the Security Analyst's bible to utopia, they're also the ultimate cracker tools, missing only the Xploits that the old neverending line of script-kiddies use to bypass each and every point that these tools do their best to detect.

    Nessus is, however, a single tool, that can be as both useful to the white hat5 as it is the bl4ck hats.

    It gets my number one tool vote as being as useful to both partys - yet completely impartial.

    A very difficult road to tread indeed...

  • Timely article for my needs (Score:5, Interesting)

    by l0ungeb0y ( 442022 ) on Sunday May 04, 2003 @09:42PM (#5878148) Homepage Journal
    In the last couple weeks I've amassed a few servers and a client network so, I've had no choice but to become a sysadmin. Which is not what I consider myself (I'm a graphic designer/Web App Programmmer) but, for the sake of responsibility, I find myself fast becoming one.

    So I welcome any such article as the one posted here to help better educate me and get me up to date on the even the most mundane of utilities (I hadn't even heard of nessus/netcat)

    I'm not a fresh unix convert or technically challenged, it's just that my occupation has demanded that I focus on front end and applicational development rather than network security and monitoring.

    So to get by I've been using very basic common sense like running firewalls for port blocking, not running insecure services such as telnet and in the event that i have to (one of my servers is a multiuser webhost so I had to turn FTP on) research and run a more secure variant of that service (for FTP I opted for vsftpd over wu/pro)

    And for security, besides my basic IP Masquerading and port blocking firewall (ya, it's that basic, I'm no guru) I run tripwire, which I run a sanity check daily as well as run snort.

    This config runs on everyting from my OS X laptop to the RH9 boxes for dev/production serving and seems "ok" for the moment.

    I do plan on evaluating/installing some kernal level patches to the RH boxen such as grsecurity [grsecurity.net] but I thought I'd use this topic to fish for pointers as I am also looking for some good educational material such as IP/Network configuration and indepth material on properly setting up an ironclad DMZ. So if anyone has some highly recommended links or knows of soome good books on amazon to point out or even comments to make here to give some pointers, i'd be much appreciative.

  • Wasn't nmap the tool of controversy from SGI? (Score:3, Interesting)

    by Billly Gates ( 198444 ) on Sunday May 04, 2003 @09:50PM (#5878187) Journal
    I remember back in 94 about a SGI product manager being fired for releasing a tool( nmap??). Basically Irix was being hacked to death and he wanted to do something about it.

    He developed it as a tool to help system administators secure their system but SGI did not like it because crackers could use it.

    Was this SGI tool nmap or not? I was only 16 at the time and can't remember.

  • I am surprised ... (Score:2, Interesting)

    by Anonymous Coward on Sunday May 04, 2003 @09:55PM (#5878206)
    I am surprised that aide was not listed. It is a free equivalent to tripwire (which is on the list), and works very well for my needs on both Linux and FreeBSD.

  • Re:mac os X tools (Score:3, Interesting)

    by jjb ( 250135 ) <jay.bastille-linux@org> on Sunday May 04, 2003 @11:40PM (#5878607) Homepage
    kismac looks pretty cool for wireless audits. BTW, Bastille Linux is even more badly misnamed -- we've got it working on Mac OS X now! It takes a perl compile and a tweak to perl-Tk, but it works under X on Mac.

    Anyway, if anyone here is interested in helping package Bastille for Mac, especially with that perl upgrade, please contact me!

    - Jay

Slashdot Top Deals

"Engineering without management is art." -- Jeff Johnson

Close