Creating a Network Security Toolkit is a necessity for any information technology professional.
Below I’ve organized some tools, both free and paid, by the category of users who will benefit most from them. These are mostly offensive tools; I’ll be writing another article to cover the defensive side shortly.
Full Disclosure: I am in no way affiliated with any of these companies, nor do I sell their products. These are my personal experiences and opinions.
A great way to have these tools on hand is to install them all on a thumb drive. You can use a bootable Linux distribution such as Kali or BackTrack and add your own tools to the thumb drive. If you’re going to be working with these tools very often, the best option is to create a virtual machine or download the pre-made Kali VM.
ProTip: Be sure to make a backup of your virtual machine once you are done customizing it but before you scan or test any network. That way your business’s data is not stored on your VM, and if you wind up breaking something you can always start fresh.
Tools Everybody Should Have:
- A good port scanner. nmap is surely the favorite, but I’ve had good results with Advanced IP Scanner in a pinch (Windows only). If you’re going to be scanning larger networks, stick with nmap. Don’t forget to check out nmap’s scripts; they’re awesome!
- SecurityFocus Vulnerabilities Website – It is an oldie but still one of the most comprehensive websites when it comes to vulnerable software information. I highly recommend checking their database against any products that are critical to your business.
- Wireshark – The best packet capture and analysis tool, and it’s FREE! Everybody who works with networks should have a basic understanding of what packets on the wire look like and how to troubleshoot common issues.
Basic Network Security Toolkit:
- Burp Suite Web Proxy – Free edition is fine. Burp is the best web application proxy on earth! You don’t need to be a web security genius to check your company’s applications for basics like authentication bypass and basic SQL injection. In fact, we use Burp as our proxy of choice on web application engagements.
- Nessus – The most widely used vulnerability scanner today. Unfortunately you’ll have to pay for this tool in order to scan more than a few hosts at a time, but it’s well worth its price tag. Nessus is a great place to start a new security initiative in a small business. Start by scanning your most critical hosts and patching/fixing the vulnerabilities you find. Pro-Tip: You’ll want to play with the scanner’s default settings, and credentialed scans are much more accurate.
- Kaspersky Rescue Disk – This is a great bootable antivirus rescue disk. It’s a good way to confirm and possibly clean an infection on a system. Never trust installed antivirus or malware products if you’re sure the system is compromised. The best solution is to sanitize the data by scanning it on another host and reloading the operating system on a clean, formatted hard drive. If you suspect a system is infected, Kaspersky Rescue Disk is a great way to confirm your suspicions.
Intermediate Network Security Toolkit Additions:
- Metasploit – A good product to start doing some basic penetration testing. Metasploit comes in free, express and pro versions. The pro version has a great phishing tool built in, if your budget will allow for it. Be careful with Metasploit, as a fair amount of the exploits are community contributed and may cause systems to crash more often than their corporate counterparts at Core and Immunity.
- Core Impact – A very polished Windows-based option if your budget is large enough to afford it. I think Core Impact has the best agent of any penetration-testing tool on the market. Its ability to pivot is unmatched in any other product.
- Immunity Canvas – This is another penetration testing platform that deserves an honorable mention. Canvas sometimes has exploits the other two don’t.
Advanced Network Security Toolkit Additions:
- OllyDbg – My favorite debugger when searching for new vulnerabilities. Typically I’ll create a virtual machine with OllyDbg and the product I’d like to test installed. I’ll then attach to the running exe with OllyDbg and examine values in real time while fuzzing the product with a simple fuzzer written in Metasploit for the particular protocol/port I want to test.
- Python – The best programming language for security work, especially with the addition of scapy for raw packet manipulation. I’ll surely catch some flak over this suggestion, as the security community is fairly evenly split between Python and Ruby. Metasploit is written entirely in Ruby. For me, Python seems to be faster when writing basic programs and scripts, but it is a little funky in that it doesn’t treat white space like every other language: tabs and indentation matter in Python.
Latest posts by Nick Gibson
- Network Security Toolkit - December 26, 2013