Security tools: Part Three
Other tools
-
Network security scanner
After using some of the tools recommended above, you can add another level of protection to your network by downloading a security scanner. Scanners look for security holes and vulnerabilities and display the results. Two of my favorite security scanners include RealSecure Network Protection from Internet Security Systems and NetIQ Security Analyzer from WebTrends.These products will cost you some money, but they can save a lot of the time it would take you to manually find the holes in your network. They also can often point out things you would probably miss otherwise. This especially includes some security best practices that are not technically flaws or vulnerabilities. Both of these products can act like an in-house security consultant.
- Packet sniffer
A packet sniffer grabs packets off your network and allows you to analyse them at a basic level. Windows 2000 Server comes with a built-in sniffer called Network Monitor. You can install it from the Add/Remove Components applet in the Control Panel, if it is not already installed. After installation, you can use the analyser to sniff packets on your network for any suspicious activity, such as DoS attacks and other hacker exploits. - Sam Spade
Another usefulâ€"and freeâ€"resource is the Sam Spade tool and Web site. This is probably one of the most robust and helpful sites on the Internet for gathering network information. You can either use the online version of Sam Spade or download a small Windows program that does the same things and more.Sam Spade allows you to find out a ton of information about an IP address or FQDN. Let's say, for example, that in one of my security logs I discovered an IP address that was repeatedly scanning my systems (most likely a hacker trying to find open ports and vulnerabilities). I could take this IP address and do a Whois query and/or a Dig query to find out more about where the attacker is coming from and try to take action against the person via his or her company or ISP.
Sam Spade includes a number of other useful tools. I recommend that you spend some time working with Sam Spade to get to know all of the features it offers.
Summary
Network security is obviously critical at this stage in the IT game. To be successful, you should have many tools at your disposal. The tools we've looked at here, combined with your security policy and firewall, will help you keep your network secure.
TechRepublic is the online community and information resource for all IT professionals, from support staff to executives. We offer in-depth technical articles written for IT professionals by IT professionals. In addition to articles on everything from Windows to e-mail to fire walls, we offer IT industry analysis, downloads, management tips, discussion forums, and e-newsletters.
©2001 TechRepublic, Inc.
6%
1%
You missed the best security scanner!
Most in the security industry agree that the open source Nessus (www.nessus.org) is the best thing around with respect to security probing of hosts. It runs on Linux etc. but can scan Windows hosts.