Security Basics mailing list archives
RE: Risk analysis tools?
From: "A.G. Williams" <drew911s () yahoo com>
Date: Thu, 6 Feb 2003 09:44:45 -0800 (PST)
There are scores of risk analysis tools in the marketplace. It greatly depends on the type of analysis you want to perform, and the level you want to go. If you are looking for simple network penetration tools, you can get those off the Internet. But it's generally the "buyer-beware" rule. From my experience as a former product manager for some of the leading technologies in network and host assessment and IDS, I'd actually recommend technologies we competed against--some of which have gone from the freeware to legitimate corporate-driven technologies. Tools from SAINT and SourceFire (Marty Rousch's new company) would be essential in your search, and if you're interested in good network mapping and scanning, take a good look at the NESSUS stuff, and NMap. I also heard rumor that Dan Farmer was planning to commercialize his COPS application. Anything Farmer did would be top-notch quality. Also beware of the cutesy graphic-generation tools that show the pretty pictures of your network. They might look good on the screen or as a background in a NOC, but they do little to actually mend fences and notify of events actually dangerous to your infrastructure. Most of the stuff regarding "event analysis" is tied to auditing. So be sure to look at good audit tools as part of your risk management plans. NetForensics has some interesting technology, but more importanly, some good developers. Some of my friends at NetIQ say they've got some good stuff as well--so I'd suggest you look over the NetIQ/PentSafe tools. But on a more "businessy" note, it's one thing to run an application to identify risks--remember that you need to use some form of risk management methodology to actually address the stuff you find. That's where the real "Intrusion Prevention" becomes more than a marketing buzz phrase. But most importantly, don't trust the new guys on the block. Just because they think they created something in a university lab, or got funding from some private venture partner who didn't know anything about the current trends in IT Sec technology, doesn't mean they're making a better mouse trap. Stick with the veterans who pioneered this stuff. It's always best to follow the people, as the technology can often be over- or (in most cases), UNDER-developed. Good luck. Drew Williams
-----Original Message----- From: Marsman-Polhuys, Henk (fin) [mailto:Henk.Marsman-Polhuys () ordina nl] Sent: Monday, January 27, 2003 2:01 AM To: security-basics () securityfocus com Subject: Risk analysis tools? Hi, don't know if this is the right list to post this, but I'm just gonna try. I'm looking for some risk analysis tools or methods that can be used in the infosecurity process. Anyone got any recommendations or ideas? Rgdz, Henk -----Oorspronkelijk bericht----- Van: Michael Parker [mailto:mparker () rim net] Verzonden: woensdag 22 januari 2003 20:01 Aan: David Andersson; security-basics () securityfocus com Onderwerp: RE: Computer Forensics Try this... http://computerforensics.net/ Regards, Sincerely, Michael, MCP, GSEC, BCCSA BlackBerry Technical Support Research in Motion, Ltd. Tel: 1-877-BLK-BERRY Email: help () BlackBerry net Web: www.BlackBerry.net Important Notice: As of February 1, 2003, BlackBerry customers who have purchased through RIM will need to purchase a technical support package to continue receiving BlackBerry Technical Support direct from RIM. To learn more about this change in policy and to find out about the available BlackBerry technical support options, visit www.blackberry.com/go/supportoptions For on-line technical assistance, please refer to our website at the links below: Technical FAQ:
http://www.BlackBerry.net/knowledgecenter/livelink.exe
Paging FAQ: http://www.BlackBerry.net/support/paging/index.shtml -----Original Message----- From: David Andersson [mailto:dlandersson () hotmail com] Sent: January 19, 2003 11:13 AM To: bstoneburner () wcisteel com; security-basics () securityfocus com Cc: atarata () bigpond net au Subject: Re: Computer Forensics Greetings, We're experiencing an upsurge in computer forensics queries. Can anyone suggest any links to relevant information, certifications, etc.? Dave Andersson MCT, CIW Security Analyst, CCNA
-----------------------------------------------------------------------
This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you.
__________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
Current thread:
- RE: Risk analysis tools? sharon_joyner (Feb 05)
- RE: Risk analysis tools? A.G. Williams (Feb 06)