Topics:
Security
5 Open-Source Security Tools For Your Arsenal
I sat in on a class earlier this week at the Software Security Summit in Baltimore where Will Kruse, a software security consultant with software risk management firm Cigital, ran down a list of his favorites: 1) Network Mapper, or Nmap, is an open-source utility for network security auditing. Using Nmap, "people can find out a lot of information just by being on your network," Kruse said during his class. This includes Mac addresses, usernames, operating systems running within a network, the types of network routers in use, and which ports are open. Do a network security audit, and you're likely to find hosts you didn't know existed and services that shouldn't be running, Kruse said. Nmap is already included with a number of operating systems, including Red Hat Linux, Debian Linux, Gentoo, FreeBSD, and OpenBSD. (In keeping with my earlier theme of hackers and glamour, I neglected to mention The Matrix's Trinity [Carrie-Anne Moss], who not only does flying kicks but also actually uses Nmap in The Matrix Reloaded.) The best way to defend against Nmap's prying eyes, Kruse said, is to deploy an intrusion detection system, network honeypots, and firewalls, as well as turn off any unnecessary services and keep up to date with the latest software patches. 2) Nessus is a security scanner for Linux, BSD, Solaris, and other flavors of Unix. In addition to helping network administrators and security professionals detect problems, Nessus also generates a risk value that can be used to assess a situation's seriousness. "It cranks out an amazing amount of data, which is not very stealthy," Kruse said. "People can tell when you're using it on their network." Kruse recommends using Nessus on your own network and then fixing any problems you find. That way, if an attacker tries to use Nessus against your network, you'll have addressed the most significant points of vulnerability. 3) Nikto is a Web server scanner that performs tests against Web servers to assess their strengths and weaknesses. Nikto isn't the stealthiest piece of software around and, as its Web site admits, is fairly obvious in log files. (Still another movie reference: "Klaatu barada nikto" comes from the 1951 sci-fi classic The Day The Earth Stood Still. No Angelina or Hugh, but Gort certainly looked good in that 7-foot, 7-inch silver suit.) 4) WebScarab is a Web application and Web service scanning tool available from the Open Web Application Security Project. Written in Java, WebScarab records the requests and responses it observes and allows an administrator or attacker to review them in a number of ways. Kruse noted that WebScarab isn't an automated tool like Nmap or Nikto and therefore isn't as easy to use. 5) In my own travels on the Web, I also came across a utility program called IceSword, which can be used to detect the presence of rootkits on systems in your network. IceSword, which is written in Chinese, includes a number of tools, including a process viewer, a startup analyzer, and a port enumerator. You'll probably never look as good behind a keyboard as Carrie-Anne, Angelina, or Hugh. But at least now you're armed with some tools that even they (or their characters, at least) would envy. « How Will Tagged Drugs, RFID On Clothing, And Human Chips Affect Your Privacy? | Main | Daily News Podcast For Monday, June 12 » |
| Sign Up Now For InformationWeek News Alerts |
This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.
Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.
Important Note: This comment area is NOT intended for commercial messages or solicitations of business.
