Security tools: Part Two
Pingâ€" Everyone should be familiar with the Ping command. It allows you to test network connectivity between a host system and another system using the IP address, NetBIOS name, or host name. The syntax is simply ping [hostname, IP address, or NetBIOS name].
Tracertâ€" This utility goes a step further than Ping by allowing you to trace the hops between one system and a destination system (Figure E). It is helpful in determining where your connection is failing along the way to its destination. You invoke this tool using tracert [domain name, hostname, IP address, or NetBIOS name].
Figure E
Nslookupâ€" This utility allows you to gather valuable host, IP address, and domain information (Figure F). You can use this command by entering nslookup [fully qualified domain name or IP address] or by simply issuing the command nslookup, which will take you into interactive mode (with the > prompt). At that point, you can enter just the IP address or fully qualified domain name. Interactive mode is best to use when you're doing multiple lookups.
Figure F
In addition to the above command-line tools, the following tools may also be useful:
TcpViewâ€" This utility is a free download that basically gives you the same information as Netstat but lets you view it graphically.
TDimonâ€" This utility gives you TCP and UDP activity in real time on the system that is being scanned (Figure G). You can download this tool here.
Fportâ€" This little tool displays all TCP and UDP ports and maps them to their owning application. This tool can aid you in determining what ports to open or close on your firewall. You can download this tool by clicking here and then clicking Intrusion Detection, Fport, and Download Now.
4%
4%
You missed the best security scanner!
Most in the security industry agree that the open source Nessus (www.nessus.org) is the best thing around with respect to security probing of hosts. It runs on Linux etc. but can scan Windows hosts.