Professional Documents
Culture Documents
17 - Network Security Management Tools
17 - Network Security Management Tools
Objectives
Upon completion of this chapter, you will be able to:
Describe security vulnerability testing, detection, and auditing tools useful in the Cisco network security environment
Internet
Dialup
Perimeter Router
Campus
CiscoSecure ACS Server TACACS+, RADIUS Token Server
Campus Client
Scanners
ISS SafeSuite (UNIX and NT)
Top commercial scanner Suite of several scanners with GUI
SATAN (UNIX)
Security Administrators Tool for Analyzing Networks
Scanners (cont.)
NSS (UNIX)
Strobe (UNIX)
Jackal (UNIX)
IdentTCPScan (UNIX)
CONNECT (UNIX)
Sniffers
Network General Sniffer Network General XRay Gobbler (DOS/Windows) ETHLOAD Netman suite (Etherman)
Esniff.c
Network Monitor (Microsoft)
Copyright 1998, Cisco Systems, Inc.
MCNSNetwork Security Management Tools17-7
Password Crackers/Checkers
Passwd+ Crack (UNIX)
CrackerJack (UNIX) PaceCrack95 (Windows 95) Qcrack (DOS/Windows) Pcrack (UNIX Perl script) Hades (UNIX) Star Cracker (DOS)
rusers
finger/sfingerd showmount WHOIS smrsh ssh
Copyright 1998, Cisco Systems, Inc.
MCNSNetwork Security Management Tools17-9
Logging Tools
TCP_Wrapper
swatch trimlog logdaemon (UNIX)
Tool Suites
Hobgoblin
Copyright 1998, Cisco Systems, Inc.
MCNSNetwork Security Management Tools17-12
System Monitors
Windows/NT
Cinco NeTXray for Win 95 and NT UltraScan v1.2 Port Scanner for NT Kane Security Analyst for NT
Windows 95 Tools
TCP/IP Surveyor
Macintosh Tools
MacTCP Watcher
Query It!
WhatRoute
debug ip packet
rmon show ip ?
Chapter References
The following sites contain security tools:
ftp://ciac.llnl.gov/pub/ciac/sectools/unix/ ftp://coast.cs.purdue.edu/pub/tools/ ftp://ftp.cert.org/pub/tools/ ftp://ftp.win.tue.nl/pub/security/
ftp://ftp.funet.fi/pub/unix/security/
http://www.rootshell.com/ http://filepile.com/
http://www.iss.net/
Copyright 1998, Cisco Systems, Inc.
MCNSNetwork Security Management Tools17-17
Summary
Scanners automatically detect security weaknesses
Network security tools are also available for Windows NT and 95, DOS, Macintosh, and OS/2
Cisco IOS software has commands useful for security
Review Questions
Q1. Which network security tool for the Windows NT platform would be useful for automatically detecting security weaknesses as part of managing network security?
A) ISS Safesuite
Q2. What is the Cisco IOS software command that can substitute for a packet sniffer?
A) debug ip packet
Q4. Which operating system has the largest selection of network security utilities?
A) UNIX is the most powerful operating system for network security, because it has many network utilities