Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Network Security Management Tools

advertisement 
Network Security
Management Tools
Objectives
Upon completion of this chapter,
you will be able to:
• Describe security vulnerability testing,
detection, and auditing tools useful in
the Cisco network security environment
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-2
Integrity Testing Tools
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-3
Managing the Secure
XYZ Network
Web Surfer
PSTN/
ISDN
Dialup Client
Internet
Perimeter
Router
Dialup
Network Access
Server
Remote
Branch
Firewall
Bastion Host:
Web Server
FTP Server
Engineering
Sales
Campus
CiscoSecure ACS Server
TACACS+, RADIUS
Token
Server
Copyright 1998, Cisco Systems, Inc.
Campus
Client
MCNS—Network Security Management Tools—17-4
Scanners
• ISS SafeSuite (UNIX and NT)
Top commercial scanner
Suite of several scanners with GUI
• SATAN (UNIX)
Security Administrator’s Tool for Analyzing
Networks
Scans remote hosts for most known security holes
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-5
Scanners (cont.)
• NSS (UNIX)
• Strobe (UNIX)
• Jackal (UNIX)
• IdentTCPScan (UNIX)
• CONNECT (UNIX)
• FSPScan (Windows, OS/2)
• XSCAN (UNIX)
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-6
Sniffers
• Network General Sniffer
• Network General XRay
• Gobbler (DOS/Windows)
• ETHLOAD
• Netman suite (Etherman)
• Esniff.c
• Network Monitor (Microsoft)
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-7
Password Crackers/Checkers
• Passwd+
• Crack (UNIX)
CrackerJack (UNIX)
Pcrack (UNIX Perl script)
PaceCrack95 (Windows 95)
Hades (UNIX)
Qcrack (DOS/Windows)
Star Cracker (DOS)
John the Ripper (UNIX)
Killer Cracker (UNIX, others)
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-8
Network Utilities (UNIX)
• host
• traceroute
• rusers
• finger/sfingerd
• showmount
• WHOIS
• smrsh
• ssh
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-9
Logging Tools
• TCP_Wrapper
• swatch
• trimlog
• logdaemon (UNIX)
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-10
Tool Suites
• Merlin by CIAC (UNIX)
• Tiger (TAMU)
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-11
File/System Integrity Checkers
Used to guard against Trojan horses:
• MD5
• COPS (UNIX)
• Tripwire
• ATP (Anti-Tampering Program)
• Hobgoblin
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-12
System Monitors
• Windows/NT
• Cinco NeTXray for Win 95 and NT
• UltraScan v1.2 Port Scanner for NT
• Kane Security Analyst for NT
• Microsoft EP Dump for NT
• MicrosoftC2CERT
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-13
Windows 95 Tools
• NetScan Tools
• Network Toolbox
• TCP/IP Surveyor
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-14
Macintosh Tools
• MacTCP Watcher
• Query It!
• WhatRoute
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-15
Cisco IOS Software Commands
• traceroute
• show ip route
• debug ip packet
• rmon
• show ip ?
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-16
Chapter References
The following sites contain security tools:
• ftp://ciac.llnl.gov/pub/ciac/sectools/unix/
• ftp://coast.cs.purdue.edu/pub/tools/
• ftp://ftp.cert.org/pub/tools/
• ftp://ftp.win.tue.nl/pub/security/
• ftp://ftp.funet.fi/pub/unix/security/
• http://www.rootshell.com/
• http://filepile.com/
• http://www.iss.net/
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-17
Summary
• Scanners automatically detect security weaknesses
• ISS and SATAN are two of the most popular scanners
• Sniffers capture packet traffic for later analysis
• Password crackers and checkers can be used to detect
weak passwords, improving password security
• UNIX is the most powerful operating system for network
security, because it has many network utilities
• Network logging tools are useful for detecting intrusions
• Network security tools are also available for Windows NT
and 95, DOS, Macintosh, and OS/2
• Cisco IOS software has commands useful for security
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-18
Review Questions
Q1. Which network security tool for the Windows NT
platform would be useful for automatically detecting
security weaknesses as part of managing network
security?
A) ISS Safesuite
Q2. What is the Cisco IOS software command that can
substitute for a packet sniffer?
A) debug ip packet
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-19
Review Questions (Cont’d)
Q3. How can password crackers and checkers be used
in managing network security?
A) Password crackers and checkers can be used to detect weak
passwords, improving password security
Q4. Which operating system has the largest selection
of network security utilities?
A) UNIX is the most powerful operating system for network security,
because it has many network utilities
Copyright 1998, Cisco Systems, Inc.
MCNS—Network Security Management Tools—17-20
Related documents
WWW+Internet+networking - Edulink
WWW+Internet+networking - Edulink
CCENT 640-822 ICND1 Exam Topics Review
CCENT 640-822 ICND1 Exam Topics Review
7 Survival Skills - 21st Century Schools
7 Survival Skills - 21st Century Schools
AIR-CAP3702E-EK910
AIR-CAP3702E-EK910
SPN-5300-K9
SPN-5300-K9
if not using preferred method of corporate MPLS circuits
if not using preferred method of corporate MPLS circuits
This PowerPoint primarily consists of the Target Indicators (TIs)
This PowerPoint primarily consists of the Target Indicators (TIs)
IoT EBC Deck - Cisco Communities
IoT EBC Deck - Cisco Communities
Download
advertisement