Security Testing
When, where, how?

Unfortunately, the decision made to implement security controls within an organization, occur after an attack by an intruder or virus. Taking a reactive instead of pro-active approach with the IT Division's involvement in security could cost considerably in loss of time, data, and money.

Knowing when and where to make changes can be daunting at times even for pro's in the field who only deal with the infrastructures security. However, what about the smaller network environments, those with an IT Staff of only one or two persons with three or four hundred systems to manage? If the work load is large enough, it could prove difficult to find the time to even think about security.

This is one of the areas I wanted Plan-B to be able to help with. Provide tools capable of allowing an administrator to research the current condition of their network and still be able to accomplish other tasks. Some utilities allow you configure a scan for a range of systems, and then provide a report of its findings, even possible solutions to problem areas.

Picture of Plan-B running Sara and Nessus
Plan-B running Sara and Nessus

Nessus and Sara
Testing network systems

Software utilities used to test the effectiveness of the security controls on your local network are an excellent resource to administrators.  Nessus and Sara, shown in the picture above, are equally upto to the task of helping determine the weak points of your infrastucture.
Software Summary
access 0.7beta
CmosPwd 4.3
Crack 5.0a
DSNIFF 2.3
Ethereal 0.9.11
Ettercap 0.6a
FWBuilder 1.0.10
fwlogwatch 0.9.3
Foremost v.62
fping 2.4b2
Hping2
Hunt 1.5
IP Sorcery 1.7.5
IPTraf 2.7.0
John the Ripper 1.6
nbtscan 1.0.3
Nessus 2.0.7
Nikto 1.30
Nmap 3.28
ntop 2.2.0
p0f 1.8
PortSentry 2 No Longer Supported
Sara 4.1.4c
Snort 2.0
Tara 3.0.3
Wellenreiter 1.8

Both Sara and Nessus (seen in the center column above)have this capability. Even though they are an excellent resource, please don't let me leave you with the "set it, forget it" impression. Never rely on any single utility to be responsible for determining the security of your network. There is no application that can provide the "Cure All" solution. Only you know the working foundation of your network scheme and nothing can replace an administrator with a true concern for protecting their data environment. I couldn't begin to try and cover the every aspect of Information Security here. There are already hundreds of books on the subject probably non more recognized than the Hacking Exposed series. They've managed to compile an excellent resource for System and Network Administrators that covers several Operating System platforms.
Home | Forensics | Security | Audit | Status | Reference | Forum | Download | Contact | About

(%)2003 Project Plan-B