Slashdot Mirror

← Back to Stories (view on slashdot.org)

Nmap Security Tool Survey

Posted by michael on from the portscanning-for-fun-and-profit dept.

spring writes "Every so often, the author of everyone's favorite network reconnaissance tool, nmap, runs a survey to determine which security-oriented software products are most popular. This year's tool survey was just released, and it contains some interesting results. Old favorites like Nessus, Snort, Netcat, and Ethereal made the list, of course. SAINT and SARA are still around. But a number of new tools appeared this year, like Windows-only GFI LANguard, SuperScan, and Cain & Abel. Nikto and Kismet demonstrate the growing importance of wireless networks. The survey contains many good tools. Certainly worth a read."

15 of 104 comments (clear)

  1. Security tools are awesome, but.... by whiteranger99x · · Score: 5, Insightful

    remember that these tools aren't going to be the "end all/be all" of network security.

    You also have to have a good preventive security plan, which these tools will help out in. However, there should also be a plan of action should these security measures get bypassed (i.e. an insider job, program exploits, trojans, etc...)

    But that's just my contention...

    --
    Join the TWIT army now!
    1. Re:Security tools are awesome, but.... by FiDooDa · · Score: 5, Insightful

      remember that these tools aren't going to be the "end all/be all" of network security.

      isn't why they are called tools and not solutions ?!?!

    2. Re:Security tools are awesome, but.... by SEWilco · · Score: 4, Insightful

      There is also no requirement to depend upon a single tool. Having alarms on your doors doesn't protect your windows. Perimeter detectors establish a fence, while tripwires, beams, and area detectors offer notification of activity in different ways -- and design is affected by issues such as whether or not you have a cat. Don't limit your design to only using one tool, consider your needs and the variety of tools.

  2. Fine set of tools. by Jack+Va1enti · · Score: 5, Funny

    Hilary and I intend to run these against every machine in the world, ferreting out and destroying those eeeevil P2P pirates!

  3. Re:Ethereal a security tool ? by the+uNF+cola · · Score: 4, Insightful

    You'd be surprised. tcpdump/ethereal is great for say, when some jerk is trying to DOS you and you need to know how.

    Knowing the how allows you to put in filters. Filters allows you to operate.

    --

    --
    "I'm not bright. Big words confuse me. But Wanda loves me and that should be enough for you." - Cosmo

  4. Re:Ethereal a security tool ? by hbackert · · Score: 4, Insightful

    It's a nice way to check a connection is not made, that packets do not go out of one or another interface, that traffic is encrypted. tcpdump can do the same (except follow TCP traffic, which is very enlightning for users who like telnet).

    So while Ethereal does not increase security by itself, it does add security by making it possible to check out the packets. That makes is IMHO a security tool.

  5. mac os X tools by FiDooDa · · Score: 5, Informative

    for those interested in sec tools on mac OS X, here is a small list of tools to add :

    rpg password generator
    kismac a kismet equivalent that also includes a WEP cracker. very nice!
    macanalysis a really good security tools suite

  6. Wellenreiter by Echelon309 · · Score: 5, Informative

    Although it wasn't on the list, Wellenreiter is really great wireless scanner. Plus, it runs on the Zaurus under OZ3, which makes it great for less conspicuous scanning since you don't have to lug a laptop around.

    1. Re:Wellenreiter by fv · · Score: 4, Informative
      > Although it wasn't on the list, Wellenreiter is really great wireless scanner.

      Wellenreiter only received 6 votes (even after correcting for poor spelling :) and 10 were needed to place #75. But since it is clearly a useful free tool, I just added a link to it in the Kismet entry.

      Thanks for the suggestion,
      -Fyodor
      Concerned about your network security? Try the free Nmap Security Scanner

  7. Strangely enough... by GC · · Score: 4, Interesting

    While all these tools turn out to be the Security Analyst's bible to utopia, they're also the ultimate cracker tools, missing only the Xploits that the old neverending line of script-kiddies use to bypass each and every point that these tools do their best to detect.

    Nessus is, however, a single tool, that can be as both useful to the white hat5 as it is the bl4ck hats.

    It gets my number one tool vote as being as useful to both partys - yet completely impartial.

    A very difficult road to tread indeed...

  8. Timely article for my needs by l0ungeb0y · · Score: 5, Interesting

    In the last couple weeks I've amassed a few servers and a client network so, I've had no choice but to become a sysadmin. Which is not what I consider myself (I'm a graphic designer/Web App Programmmer) but, for the sake of responsibility, I find myself fast becoming one.

    So I welcome any such article as the one posted here to help better educate me and get me up to date on the even the most mundane of utilities (I hadn't even heard of nessus/netcat)

    I'm not a fresh unix convert or technically challenged, it's just that my occupation has demanded that I focus on front end and applicational development rather than network security and monitoring.

    So to get by I've been using very basic common sense like running firewalls for port blocking, not running insecure services such as telnet and in the event that i have to (one of my servers is a multiuser webhost so I had to turn FTP on) research and run a more secure variant of that service (for FTP I opted for vsftpd over wu/pro)

    And for security, besides my basic IP Masquerading and port blocking firewall (ya, it's that basic, I'm no guru) I run tripwire, which I run a sanity check daily as well as run snort.

    This config runs on everyting from my OS X laptop to the RH9 boxes for dev/production serving and seems "ok" for the moment.

    I do plan on evaluating/installing some kernal level patches to the RH boxen such as grsecurity but I thought I'd use this topic to fish for pointers as I am also looking for some good educational material such as IP/Network configuration and indepth material on properly setting up an ironclad DMZ. So if anyone has some highly recommended links or knows of soome good books on amazon to point out or even comments to make here to give some pointers, i'd be much appreciative.

  9. Security for the home user by OneArmedMan · · Score: 5, Funny

    1) Unplug the power cords and network cables / phone lines.
    2) Put it back in the box.
    3) Send it back to the place that you bought it from.

    Sure its not very practical, but it would make my job a hell of a lot easier

    1. Re:Security for the home user by OneArmedMan · · Score: 4, Funny

      Nah, I'll always have my job, cause there are always people who say "But my *expert friend said*, followed by *and then my pc just stoped working*. At which point my fee / hour doubles

  10. Re:Wasn't nmap the tool of controversy from SGI? by IvyMike · · Score: 4, Informative

    You're almost certainly thinking of Dan Farmer's SATAN. Read the story for yourself.

  11. Re:I am surprised ... by fv · · Score: 4, Informative
    > I am surprised that aide was not listed.

    AIDE only received 4 votes, while 10 were needed to place #75. But I agree that it is a useful free tool that potential Tripwire users should know about. And so I have added an AIDE link to that entry.

    Thanks,
    -Fyodor
    Concerned about your network security? Try the free Nmap Security Scanner