Penetration Testing mailing list archives
RE: Class on Security Tools
From: "rzaluski" <rzaluski () ivolution ca>
Date: Mon, 20 Dec 2004 14:09:51 -0500
It is not a bad tool at all. It is one of those nice-to-know tools. As mentioned in the previous post, it is updated and it is easy to use. My 2 cents Richard Zaluski, CCNA, CRCP CISO, Security and Infrastructure Services iVolution Technologies Incorporated 905.309.1911 866.601.4678 905.524.8450 (Pager) www.ivolution.ca rzaluski () ivolution ca ======================================================================= === CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender. Any unauthorized review, use, disclosure, or distribution is prohibited. ======================================================================= === PGP Key-ID: 85544DB6 PGP Key fingerprint: 0CD3 FB61 EAF1 11CA 8EC4 513A 75F2 6FC0 8554 -----Original Message----- From: GuidoZ [mailto:uberguidoz () gmail com] Sent: Sunday, December 19, 2004 2:42 AM To: Todd Towles Cc: Dan Tesch; Pen Test Subject: Re: Class on Security Tools Nice thoughts Todd. Another open source program I've been playing with lately that may be of interest to you - Attack Tool Kit or ATK (http://www.computec.ch/projekte/atk/). It's currently in version 3.0 and isn't bad at all. Here's a direct copy/paste from the "Introduction" "The acronym ATK stands for Attack Tool Kit. It was first developed to provide a very small and handy tool for Windows to realize fast checks for dedicated vulnerabilities. The special thing about ATK is that the tool is able to do the work without great interaction. But there is also always the possibility to vary and change the behaviour of the software. This concern the plugins, checking, enumeration and reporting. The user is not dependent of the ideas of the developers - If needed because of the modularity nearly every change can be done within a few seconds. ATK is absolutely free to use and distribute. The software is written in Visual Basic and underlies the General Public License (GPL)." The plug-ins are updated frequently with newly discovered exploits. I'd recommend peeking at it just for $hits and giggles if nothing esle. ;) -- Peace. ~G On Wed, 15 Dec 2004 11:39:44 -0600, Todd Towles <toddtowles () brookshires com> wrote:
Hey Dan, Kismet was not covered in your first class? I don't understand how much Kismet is overlooked and NetStumbler is shown. NetStumbler is great but it is limited, it open shows open networks. Close/Cloaked networks are growing and Kismet is one of the few software tools that will see you them along with many many other features. Depends on what area you mainly want to focus on, but attack tool range is pretty wide. Hydra, for example. I would also hit on the new trend of Google hacking. Google is used by hackers and pen-tester alike to gather huge amount of information about a target. There is even a book being released soon, Google hacking for Pen-Testers - I believe. Wikto is a Windows Nikto-like tool with Google hack features. Of course, on the network side you have ettercap, packet sniffers like Ethereal and Dsniff. It all depends on where you want to focus. There are various wireless attack tools that shouldn't be overlooked. I would include the EBCD in the remediation/protection tool class instead of the attack class. Snort, Tripwire and the MBSA are good tools as well. The greatest protection measure you can have is knowledge. Knowing what services are running and why, what version they are and if there are updates for them. It takes time to watch the internet for news and alerts and active exploit, but you will learn where and when to focus your software measures to optimize your security. BTW, Helix is a great LiveCD for Windows Server Forensics Analysis. Of course, this is all just my 2 cents and open for discussion. =) -Todd-----Original Message----- From: Dan Tesch [mailto:dan.tesch () comcast net] Sent: Wednesday, December 15, 2004 7:18 AM To: Pen Test Subject: Re: Class on Security Tools Certainly Nessus should be covered, you could touch on NeWT. www.nessus.org http://www.tenablesecurity.com/ --------------------------------------------------------- I am helping teach a class to the ISSA of Northwest Ohio, here in Toledo. The next class will be the second part of a series on security tools. Last class we went over scanning tools such as nmap, NetStumbler, nikto, and a couple others. This next class will be focused on attack tools. We were planning on presenting Metasploit, EBCD for password changes, and a couple other tools. My question is - what (free) tools should we give a brief overview of? The class is technical, mostly comprised of IT directors and the like. Most are not dedicated security staffers, but rather have that as part of their job responsibility. We don't have to go in depth, but we are demonstrating on a network we have built for this purpose. Next month we will be doing remediation/protection tools. I was thinking about showing Snort, Tripwire, Microsoft Baseline Security Analyzer, and a couple others. Any ideas on that? Thanks in advance, Joe Traband jtraband () itscomputersolutions com
Attachment:
rzaluski@ivolution.ca (rzaluski@ivolution.ca).vcf
Description:
Current thread:
- Class on Security Tools Joe Traband (Dec 15)
- Re: Class on Security Tools Dan Tesch (Dec 15)
- RE: Class on Security Tools Mike Bailey (Dec 16)
- <Possible follow-ups>
- RE: Class on Security Tools Todd Towles (Dec 15)
- Re: Class on Security Tools GuidoZ (Dec 20)
- RE: Class on Security Tools rzaluski (Dec 21)
- Re: Class on Security Tools Marko Rogge (Dec 21)
- Re: Class on Security Tools GuidoZ (Dec 20)