Transcription
Hosted byManagement, Troubleshooting andSecurity Tools That Every ITProfessional Should OwnLaura ChappellSr. Protocol/Security AnalystProtocol Analysis Institute, LLCwww.packet-level.com
Hosted byWarning!Make sure you haveappropriate authorization torun these tools on yournetwork.
Hosted byTools Covered in this Session Ethereal TCPView Hex Workshop Cain and Abel NetScanTools Pro Hurricane Search Packet Builder Aida32 Auditor(Everest) Visual Route Secure USB Drive LANGuard NetworkScanner
Hosted byEtherealPrice:Free; distributed under theGNU licenseLink:www.ethereal.comGeneral: Protocol analyzer; requireswinpcap to run over W32platform (available atwinpcap.polito.it
Hosted byLocate Network Faults, Clear TextPasswords and Unencrypted Data
Hosted byHex WorkshopPrice:US 49.95Link:www.bpsoft.comGeneral: General hex editor; includesBase Converter applet
Hosted byOpen Suspect Files
Hosted byNetScanTools ProPrice:US 199.00Link:www.netscantools.comGeneral: Multifunction tool thatincludes Wizard tool to helptrace back and identify adevice
Hosted by
Hosted byPacket l: Runs on winpcap; download .rsb scripts (Packet Builderwas formerly called “Rafale”)
Hosted byTest Flood Vulnerabilities
Hosted byPacket l: Runs on winpcap; download .rsb scripts (Packet Builderwas formerly called “Rafale”)
Hosted bySecure USB DrivePrice:US 89-749Link:Various
Hosted byDo you own a USB drive?1. Yes2.No233%167%
Hosted byHave you ever stored confidentialinformation on that drive?1. Yes2.133%No267%
Hosted byFind Evidence on a Hard Drive
Hosted l: TCP connection and UDPendpoint tracking; teardown connections
Hosted byLog Active Connections/Endpoints
Hosted byCain & AbelPrice:FreeLink:www.oxid.idGeneral: Read and clean protectedstorage – other wonderfultricks
Hosted by Protected storage revealer LSA secrets revealer PIX password calculator Cisco Type-7 password decoder VNC password decoder Box revealer RSA SecurID token calculator Access database password decoder
Hosted ral: Perform local and remotesystem audits (softwareand hardware)
Hosted byAuditLocal orRemoteSystems
Hosted byHave you performed a vulnerabilityscan on your own network?1. Yes67%2. Yes, but it was lame3. No33%4. Not yet, but we’replanning on it0%10%234
Hosted byLANguard Network ScannerPrice:US 295 and upLink:www.gfi.comGeneral: Vulnerability scanner; OSfingerprinting; port scanning;locate open shares; locate cgiscript vulnerabilities;patch/hotfix detection
Hosted byLocate Open PortsShares and Unpatched Systems on the Network
Hosted byVisualRoutePrice:US 49.95 and upLink:www.visualware.comGeneral: Visual representation oftraceroute operation; includeswhois functionality.
Hosted byVisual Trace Back
Hosted byConclusion There are great inexpensive tools for ITprofessionals Ensure you have permission before usingthese tools on the company network Send me your tools list!lchappell@packet-level.com
General: Runs on winpcap; download . rsb scripts (Packet Builder was formerly called "Rafale") Packet Builder. Hosted by Test Flood Vulnerabilities. Hosted by Price: Free . LANguard Network Scanner. Hosted by Locate Open Ports Shares and Unpatched Systems on the Network. Hosted by Price: US 49.95 and up