1 / 20

Network Security Management Tools

Network Security Management Tools. Objectives. Describe security vulnerability testing, detection, and auditing tools useful in the Cisco network security environment. Upon completion of this chapter, you will be able to:. Integrity Testing Tools. Managing the Secure XYZ Network. Web Surfer.

logan-lott
Télécharger la présentation

Network Security Management Tools

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Network SecurityManagement Tools

  2. Objectives • Describe security vulnerability testing, detection, and auditing tools useful in the Cisco network security environment Upon completion of this chapter, you will be able to:

  3. Integrity Testing Tools

  4. Managing the Secure XYZ Network Web Surfer PSTN/ISDN Dialup Client Remote Branch Internet Dialup Network AccessServer Perimeter Router Firewall Bastion Host: Web Server FTP Server Engineering Sales Campus CampusClient TokenServer CiscoSecure ACS ServerTACACS+, RADIUS

  5. Scanners • ISS SafeSuite (UNIX and NT) • Top commercial scanner • Suite of several scanners with GUI • SATAN (UNIX) • Security Administrator’s Tool for Analyzing Networks • Scans remote hosts for most known security holes

  6. Scanners (cont.) • NSS (UNIX) • Strobe (UNIX) • Jackal (UNIX) • IdentTCPScan (UNIX) • CONNECT (UNIX) • FSPScan (Windows, OS/2) • XSCAN (UNIX)

  7. Sniffers • Network General Sniffer • Network General XRay • Gobbler (DOS/Windows) • ETHLOAD • Netman suite (Etherman) • Esniff.c • Network Monitor (Microsoft)

  8. Password Crackers/Checkers • Passwd+ • Crack (UNIX) • CrackerJack (UNIX) • PaceCrack95 (Windows 95) • Qcrack (DOS/Windows) • John the Ripper (UNIX) • Pcrack (UNIX Perl script) • Hades (UNIX) • Star Cracker (DOS) • Killer Cracker (UNIX, others)

  9. Network Utilities (UNIX) • host • traceroute • rusers • finger/sfingerd • showmount • WHOIS • smrsh • ssh

  10. Logging Tools • TCP_Wrapper • swatch • trimlog • logdaemon (UNIX)

  11. Tool Suites • Merlin by CIAC (UNIX) • Tiger (TAMU)

  12. File/System Integrity Checkers Used to guard against Trojan horses: • MD5 • COPS (UNIX) • Tripwire • ATP (Anti-Tampering Program) • Hobgoblin

  13. System Monitors • Windows/NT • Cinco NeTXray for Win 95 and NT • UltraScan v1.2 Port Scanner for NT • Kane Security Analyst for NT • Microsoft EP Dump for NT • MicrosoftC2CERT

  14. Windows 95 Tools • NetScan Tools • Network Toolbox • TCP/IP Surveyor

  15. Macintosh Tools • MacTCP Watcher • Query It! • WhatRoute

  16. Cisco IOS Software Commands • traceroute • show ip route • debug ip packet • rmon • show ip ?

  17. Chapter References The following sites contain security tools: • ftp://ciac.llnl.gov/pub/ciac/sectools/unix/ • ftp://coast.cs.purdue.edu/pub/tools/ • ftp://ftp.cert.org/pub/tools/ • ftp://ftp.win.tue.nl/pub/security/ • ftp://ftp.funet.fi/pub/unix/security/ • http://www.rootshell.com/ • http://filepile.com/ • http://www.iss.net/

  18. Summary • Scanners automatically detect security weaknesses • ISS and SATAN are two of the most popular scanners • Sniffers capture packet traffic for later analysis • Password crackers and checkers can be used to detect weak passwords, improving password security • UNIX is the most powerful operating system for network security, because it has many network utilities • Network logging tools are useful for detecting intrusions • Network security tools are also available for Windows NT and 95, DOS, Macintosh, and OS/2 • Cisco IOS software has commands useful for security

  19. Review Questions Q1. Which network security tool for the Windows NT platform would be useful for automatically detecting security weaknesses as part of managing network security? • A) ISS Safesuite Q2. What is the Cisco IOS software command that can substitute for a packet sniffer? • A) debug ip packet

  20. Review Questions (Cont’d) Q3. How can password crackers and checkers be used in managing network security? • A) Password crackers and checkers can be used to detect weak passwords, improving password security Q4. Which operating system has the largest selection of network security utilities? • A) UNIX is the most powerful operating system for network security, because it has many network utilities

More Related