Technical (Bottom-Up) Methodology 137
Opinion: For the price, the Nessus tool is simply amazing. The upside is
that the tool is completely free, but the downside is that there is no
one to call for support. This tool has every bit of the functionality of
the much more expensive pay tools but none of the cost. Nessus is a
must-have tool.
Cisco Secure Scanner
URL: http://www.cisco.com
Price: ($–$$$$)
Vendor’s comments: Cisco Secure Scanner (formerly NetSonar) is an
enterprise-class software tool offering superior network system identification,
innovative data management, flexible user-defined vulnerability rules,
comprehensive security reporting capabilities, and Cisco 24/7 worldwide
support (Exhibit 44). Cisco Secure Scanner is a key component
in Cisco’s comprehensive network security solutions. It allows users to
measure security, manage risk, and eliminate security vulnerabilities,
thus enabling more secure network environments.
Opinion: This tool appears to be young in its life cycle; currently it seems
to be a bit cumbersome. As with the rest of Cisco’s products, it will
soon be a top-notch product.
Exhibit 44. Cisco Secure Scanner
138 Managing Network Vulnerability Assessment
Retina
URL: http://www.eeye.com
Price: $$$
Vendor’s comments: Retina (Exhibit 45) is the award-winning network
vulnerability scanner and remediation management system that discovers and
helps fix all known security vulnerabilities on Internet, intranet, and
extranet systems. Retina is easy to navigate and includes advanced
reporting tools to help prioritize and isolate necessary fixes. Retina provides
total control over auditing open gateways, user security policies, registry
settings, as well as a long list of known security vulnerabilities.
Opinion: This product is another good, all-around vulnerability scanner.
The people at eEye have really put together an amazing product line
with Retina, Secure IIS, Iris, Nmap for NT, etc.
Specialty Tools
Specialty tools do one thing and do it well. The use of these tools can be
decided after the site assessment (see Exhibit 46).
NetBIOS tools
Web security tools
Firewall auditing tools
Exhibit 45. Retina
Trojan detecting tools
War dialing tools
Miscellaneous tools
NetBIOS tools
Wireless tools
War dialers
Network sniffers
NetBIOS Tools
NetBIOS tools look at the security of Microsoft Windows networking. The tools
perform these checks by searching for open shares, available user accounts, and
remote registry access.
Networld Scanner
URL: http://www.pelttech.com
Price: Free
OS: NT
Opinion: A fun, free, and easy-to-use utility that allows you to scan a large
network quickly for open Microsoft shares (Exhibit 47). It can be a lot
of fun to see what other Internet users are sharing out from their local
hard drive.
Exhibit 46. The Vulnerability Assessment Model: Specialty Tool Layer
[Figure. Layers: Zero-Information-Based (ZIB) Tools, Network Enumeration Tools, OS Fingerprinting Tools, Application Discovery Tools, Vulnerability Scanning Tools, Specialty Tools. Axes: Number of Hosts, Length of Time. Information In: Vulnerable applications. Information Out: Confirmation of vulnerability.]
Nat10
URL: http://www.tux.org/pub/security/secnet/tools/nat10
Price: Free
OS: NT
Opinion: The NetBIOS Auditing Tool (NAT) is designed to explore the
NetBIOS file-sharing services offered by the target system (Exhibit 48).
It implements a stepwise approach to gather information and attempt
to obtain file system-level access as if it were a legitimate local client.
Legion
URL: http://www.pelttech.com — for download
Price: Free
OS: NT
Opinion: This tool is an easy-to-use GUI that will scan a Class C IP address
space for open NetBIOS shares (Exhibit 49). The 2.1 version of the
tool comes with a brute-force password cracker as well.
Essential Net Tools 3
URL: http://www.tamos.com
Price: $
OS: NT
Exhibit 47. NetWorld Scanner
Exhibit 48. NAT 10
Exhibit 49. Legion