Checklist: Top five security assessment tools


Chey Cobb, CISSP
11.27.2007

Top five hacking tools for security assessments and penetration testing

Service provider takeaway: Security service providers and systems integrators need to have a bag of ethical hacking tools at their disposal when performing penetration testing and security assessments for customers. Find out which five hacking tools you have to have.

You're called to do a security assessment on a network for a client, and the obvious question arises: Which security assessment tools do you bring? Sadly, while there are literally hundreds of penetration testing and security assessment tools from which to choose, no single tool will do a complete job. Therefore, you need to assemble a catalogue of programs with individual specialties in order to conduct an extensive security assessment. What follows is a list of the most popular tools, their usage, and why they should be in your security assessment toolbox.

Nessus

   • Available from Tenable Network Security

   • Free for the basic application; a pay option is available for the full-featured program. Linux/Mac/Windows.

This popular hacking tool is primarily a vulnerability scanner that queries servers on the network, identifies security vulnerabilities and rates them according to severity.

The basic scanner is free, but the vulnerability database on the free version will not have the most current vulnerabilities, and updates to the database are limited. The paid version removes this restriction and provides a "live feed" in which the vulnerability database is constantly updated.

The Nessus security assessment tool can also search for sensitive information through the use of a configurable content scanner. If your company stores personal identity information, Nessus can help you identify where this information is kept so you can take appropriate measures to ensure this data is as safe as can be (this extra protection is a requirement of most compliance regulations).

Nessus can look at access permissions on both sides of the firewalls, enumerate shares, and identify unnecessary services running on servers. Misconfigured permissions, shares and services are routes that hackers often use to gain access to a network.

Nmap

   • Available from Insecure

   • Free for Linux/Mac/Windows

Nmap is a powerful security assessment tool capable of scanning very large and complex networks. It identifies what services are running, what operating systems are in use and what type of packet filters/firewalls are employed. Nmap also works like a bloodhound to track down strange connections that might indicate an infection or security breach.

All of this is exactly the information a hacker needs to begin exploiting a network. It's like a robber casing a bank and discovering where the weaknesses are. In the case of a security audit, it's important that service providers and consultants have this information beforehand so they can take steps to hide information from prying eyes.

While vulnerability scanners are usually at the top of the list of important hacking tools, it's equally important to truly know the network for a complete security assessment.

Core Impact

   • Available from Core Security

   • Must pay for tool (price varies). Windows only.

Since many companies store customer information on databases connected to Web-based applications, it's important to ensure that information cannot be drawn out of the database. Core Impact not only identifies Web servers, Web applications, ports and services, it simulates actual attacks to see if the Web servers/applications are vulnerable.

After checking for vulnerabilities, the penetration testing tool completely backs out of the network by removing all code that was used to scan and attack. Because it's very easy to inadvertently upset a network during penetration testing, it's important to use a tool that prevents disruption of a client's network.

Kismet

   • Kismet is available from Kismet Wireless

   • Free for Mac/Windows/Linux

Aircrack

   • Aircrack is available from Aircrack

   • Free for Mac/Windows/Linux

Kismet is a wireless sniffer for detecting 802.xx networks and access points. Aircrack is a very fast wireless encryption cracker. These two wireless security assessment tools are included as a pair here because it's not good enough just to find wireless networks -- you need to see if you can break the encryption to gain access.

In a proper security assessment you need to check that wireless networks cannot be accessed from outside the company. It's not uncommon for employees to bring in their own wireless access points and connect them to the corporate network without permission. Kismet finds these rogue access points so they can be disabled.

Conclusion

This list represents a very small sample of the tools available and your choices may vary. However, the list contains enough tools to get you started. We must note that it can take a while to fully understand the complexities and subtleties of the products mentioned. There are books available for most of these tools and there is also good online support through forums and documentation.

For more information on penetration testing and ethical hacking tools, check out our Penetration testing tutorial for service providers.

About the author
Chey Cobb has 20 years of experience in the security industry and is the former senior technical security advisor for one of the top intelligence agencies in the country. Cobb was also in charge of security for the largest computing facility in the Southern Hemisphere. Additionally, she is a professor in the master of science program in information assurance at Norwich University.
