Educause Security Discussion mailing list archives
Re: Security Assessment Tools
From: Randy Marchany <marchany () VT EDU>
Date: Tue, 31 Oct 2006 12:42:18 -0500
Here's my list of assessment tools: 1. Vulnerability/Port Scanners - Nessus (mentioned in a previous note) is still the best even though their licensing has changed. - nmap - still the best of the port scanner, OS identification tools and builtin most Linux distros. - Active Ports - host based GUI version of netstat or lsof that attempts to map system processes to port listeners. 2. Configuration Tools - Center for Internet Security NG Tool/Benchmark for Windows - free from www.cisecurity.org. Provides a consensus benchmark and scanning tool that compares system settings with the benchmark. Provides a numeric score showing what % of your setting match the benchmark - Microsoft Baseline Security Analyzer v2.0 - scans local and remote systems and provides a nice report of system settings. - Belarc Advisor - similar to MBSA but harder to find these days 3. Exploit tools - Metasploit Framework - freeware suite of exploits and payloads for various platforms. Good to actually test your security. Available from www.metaploit.org. - Commercial pent test tools include CoreImpact and Canvas Immunity. 4. Web Application Security - Paros - excellent tool with spider capabilities, limited security scan capabilities, ability to freeze www transactions and allow for dynamic replacement of www strings. Also, does some minor cross site scripting tests. -WebScarab - available from www.owasp.org. Another good web security tool that allows you to replace session ID, cookie values to test web app security. 4. 1 stop shop - Backtrack (formerly Auditor) available from www.remote-exploit.org. This is the big daddy of toolkits. Standalone Knoppix implementation that contains most of the tools mentioned above plus a whole suite of password crackers, enumeration tools, wireless security tools and more. You need this suite to fully assess your assets. We use all of these for our security reviews. We'd be lost without them. Of course, there are commercial products that do the same thing and have better reporting capabilities. I've always maintained that to properly evaluate a commercial tool, you need to get experience with the freeware version of similar tools. -Randy Marchany VA Tech IT Security Lab
Current thread:
- Security Assessment Tools John Kaftan (Oct 30)
- <Possible follow-ups>
- Re: Security Assessment Tools John Tooley (Oct 30)
- Re: Security Assessment Tools Petreski, Samuel (Oct 30)
- Re: Security Assessment Tools Chad McDonald, CISSP, CISA (Oct 31)
- Re: Security Assessment Tools Nick Fasano (Oct 31)
- Re: Security Assessment Tools WILLIAM I ARNOLD (Oct 31)
- Re: Security Assessment Tools Jason Richardson (Oct 31)
- Re: Security Assessment Tools Bill Ogle (Oct 31)
- Re: Security Assessment Tools Randy Marchany (Oct 31)