Tuesday, June 27, 2006

Infosec 101: Top 100 Network Security Tools

These are not for everyone but knowing these tools and knowing how to use them properly can make a netizen's life a bit more secure and safe.  Here's the top ten of the top 100 Network Security Tools:

  1. Nessus -- this is the "king" of vulnerability assessment tools.  A Unix/Linux based utility that can scan a computer (or a server) for any known security issue.  There are "better" commercial products but being free and open source keeps Nessus on top of the list.
  2. WireShark (formerly known as Ethereal) -- Useful network sniffing program for both *nix and Windows platform.  A really handy program for troubleshooting network traffic-related problems
  3. Snort -- The everygeek's favorite Intrusion Detection System (IDS).  Used in conjunction with other programs, Snort helps detect if there are suspicious activities on a network.
  4. NetCat -- This is a simple yet powerful utility that reads and writes data across a TCP or UDP connection.  A favorite hacker tool (and remote administrators too).
  5. Metasploit Framework -- A collection of known exploits for different systems, Metasploit Framework is a handy tool to have so an administrator can determine if his system is vulnerable to old and newly discovered exploits.
  6. HPing2 -- The highly customizable version of Ping.
  7. Kismet -- My favorite wireless sniffer.  Kismet can show hidden SSIDs and can even act as a wireless packet sniffer (in the tradition of WireShark and Ethereal).
  8. TCPDump -- a lightweight packet sniffer (like the "gold standard" WireShark)but works with less system resources.
  9. Cain and Abel -- This is a useful but dangerous tool to have.  Basically, Cain and Abel is a Windows-only password recovery utility that works on a wide range of protocols.  It employs a variety of methods to recover lost passwords.
  10. John the Ripper -- A fast, powerful pasword hash cracker available for the *nix and Windows platform.

For a complete list of the top 100 Network Security Tools, head on over to sectools.org

WARNING: Please do not use these tools for system intrusion.

technorati tags:, , ,

Blogged with Flock

No comments: