RE: Class on Security Tools

["Mike Bailey" <gnetic () charter net>]

Although more of scanner, Cain from Oxid.it could be demonstrated as a
passive attack tool / active data collector.

Ettercap is something else that would work nicely for the class.

Since you're going to demo Metasploit you could also toss in a basic demo or
talk about Ollydbg and explain the shellcoding process. 


> -----Original Message-----
> From: Joe Traband [mailto:jtraband () itstechnologies com] 
> Sent: Tuesday, December 14, 2004 1:49 PM
> To: pen-test () securityfocus com
> Subject: Class on Security Tools
>
> I am helping teach a class to the ISSA of Northwest Ohio, 
> here in Toledo. The next class will be the second part of a 
> series on security tools. Last class we went over scanning 
> tools such as nmap, NetStumbler, nikto, and a couple others.
>
> This next class will be focused on attack tools. We were 
> planning on presenting Metasploit, EBCD for password changes, 
> and a couple other tools. My question is - what (free) tools 
> should we give a brief overview of? The class is technical, 
> mostly comprised of IT directors and the like. Most are not 
> dedicated security staffers, but rather have that as part of 
> their job responsibility. We don't have to go in depth, but 
> we are demonstrating on a network we have built for this purpose.
>
> Next month we will be doing remediation/protection tools. I 
> was thinking about showing Snort, Tripwire, Microsoft 
> Baseline Security Analyzer, and a couple others. Any ideas on that?
>
> Thanks in advance,
> Joe Traband
> jtraband () itscomputersolutions com