Testing the security of a network can be an extremely difficult and lengthy process. A wide range of things can go wrong in just about any segment of a network, and for multiple reasons.
To help simplify and speed up the process, a few programs can be used to test our network against the latest security threats. Here's our exploration of the Top 5 Network Scanners and Security Programs.
Nmap is on the top of the list, as a free security scanner and information gathering tool. Nmap uses host discovery to find every computer on a network through a series of ping commands. A port scanner has also been included, which will report every vulnerable port open on a network.
The great thing about Nmap is that it is available on all the popular platforms - from Linux to Windows and Macintosh. This isn’t always the case with other network scanners and security programs, as many are Linux specific.
Nmap has had a little bit of controversy with the use of the program, since it has been used to help attack networks. The controversy of Nmap doesn’t even compare to the level of controversy Nessus has gained.
Nessus is incredibly more controversial than Nmap, in the respect that it can be used to do devastating damage, as well as good. Nessus goes one step further in identifying security flaws, since it tests against modern threats. This type of “smart” scanning will test for unapplied security patches, open ports, default passwords, and other vulnerabilities that can render a network helpless.
The big selling point of Nessus is that it has a continually updated database of new vulnerabilities. For this reason, it has been the most used vulnerability checker to date - and it certainly helps that it is completely free.
Just like Nmap, Nessus can be used cross-platform for systems such as Linux and Windows.
Snort is a popular tool that performs a real-time traffic analysis, as well as packet logging. Snort is generally considered to be less user-friendly than that of other programs. Users are given the option to get Snort certification, for those who do indeed want to get more familiar with the program. This certainly is not the best application for a quick fix to network security.
Snort is very well maintained, and is a good resource for system administrators who don’t mind the extra learning curve.
The great thing about Kismet is that it allows the same functionality of other tools, only it is for wireless networks. Windows users won’t be able to use this amazing program, but they do have several alternatives. Some have gotten a Windows version to work, but the process is extremely lengthy and often not worth the time.
Kismet is a very popular tool despite the lack of support for Windows. Kismet is one of the big reasons why system administrators tend to favor Linux based systems when securitizing a wireless network. Windows does have its share of counterparts, but certainly nothing that stacks up against Kismet.
NetStumbler is a great tool that can find wireless networks - even if they are hidden. This is usually used in war driving runs, but can also be used for more serious matters. It is useful for system administrators to see just how easy it is to find a hidden wireless network. But sadly, it proves to be of little more use than to find networks - certainly nothing too much more complex.
Don’t forget the Basics!
The basics of testing a network’s security are already implemented into TCP/IP. Commands such as Ping, traceroute, nslookup, and ipconfig are all great tools to help find security holes. They may not be as advanced as the programs previously mentioned, but they can usually be much faster. Simply open up a command prompt and type the following:
• Ping 127.0.0.1
This command pings your own computer four times with 32 bytes of data by default. This is the most basic command that tests connectivity between two computers. It is also the most basic way to initiate a denial of service attack. Command prompts aren’t as fun to work with as programs with user interfaces, but you’ll come to appreciate the speed and reliability of these commands. Now try typing the following:
• Ipconfig /all
Now you will notice that every device connected to your network replies with a list of helpful data. There aren’t any packet sniffers, encryption key crackers, and other advanced tools included in the TCP/IP protocol - but like we mentioned in previous sections, TCP/IP wasn’t designed with security in mind.
If you take anything you have just learned to heart, remember that using these tools for illegitimate uses will result in bad consequences. Just as easy as you can use these tools to do harm, system administrators have their own programs and tools that will track everything you are doing on a network.
It’s said that absolute power corrupts absolutely - just keep in mind that there are heavy fines and penalties for attacking networks. Sadly, this is true even if you are just trying to help. The good news is that you can attack your own network as much as you want, without penalty!