Friday, November 8, 2013

Quick detail of some network security tools

Every web application and site can face pretty intense security threats such as cross-site scripting, account hacking and so on, with new ones emerging on a regular basis. The load on security vendors is increasing day by day to build products that offer more security while being able to respond quickly to new threats. As we develop new security measures and tools, attackers also develop new methods for defeating them. Some network security tools have to be paid for, while others are open source tools (that can help you a lot and are effective). To a great extent these tools perform the task exactly as you would like, but sometimes their settings have to be customized to the security needs and structure of the network. Some examples of the open source tools are Ettercap, Nikto, Nessus, etc., discussed below:
1. Wireshark: This is a multi-platform network protocol analyzer which is available as an open source tool. With it, data can be examined from a capture file on disk or from a live network. The data can be browsed and the exact details can be obtained. It comes with very useful features such as a rich display filter language and a view of the reconstructed TCP session stream. It also comes with support for a number of media types and protocols.
2. Metasploit: This one is also an open source tool, but with advanced features for the development and testing of exploit code. The Metasploit framework is now being used as an exploitation research outlet because of its extensible model, which is used for integrating the encoders, exploits, payloads and no-op generators. This tool makes it easy for you to write your own exploits. An official Java-based GUI is now included with the framework.
3. Nessus: This tool provides excellent capabilities for scanning the potential vulnerabilities of Unix systems. It was an open source tool until 2008. It now comes for a good price and is still ahead of many of its competitors. A licensed version is also available for use in the home network. The tool boasts a whopping 46000 plugins. Some of its features are an embedded scripting language that allows you to write your own plugins, a client-server architecture with a web-based interface, and local as well as remote security checks.
4. Aircrack: This is a tool suite developed especially for 802.11 a/b/g WEP and WPA cracking. It makes use of well-known cracking algorithms for recovering the wireless keys. It does this only after the encrypted packets have been gathered. Some of the tools in this suite are airodump, aircrack, airdecap, aireplay and so on.
5. Snort: This tool has proved very good at detecting and preventing network intrusions. It is a very effective tool for traffic analysis and packet logging on networks. The tool is capable of detecting thousands of worms by means of content searching, protocol analysis, pre-processors and so on. It can also detect port scans, vulnerability exploit attempts, etc. It is based on a rule-based language which is quite flexible.
6. Cain and Abel: This is a tool that has been developed for Windows-only password recovery and for handling various other tasks as well. It is capable of performing the following functions:
- Recovery of the password by sniffing the network.
- Cracking encrypted passwords by means of dictionary attacks.
- Cryptanalysis and brute-force attacks.
- Recording VoIP conversations.
- Revealing the password boxes.
- Decoding the scrambled passwords.
- Analysis of the routing protocols.
The tool comes with proper documentation.

There are others as well; this is a quick summary of some of them. If you use others or have some feedback, do let me know via comments.