Boards.ie

anonym00se · 29-05-2000, 15:54

After reading:
http://www.networkcomputing.com/1110/1110ws1.html

It got me thinking about what the most common
security tools in use are, so what is every ones favourite tool, be it for IDS, auditing,
crypto etc and for what platform.

deRanged · 29-05-2000, 16:09

the three I've used most in the past while are
openssl, l0phtcrack and ultrascan.
(solaris, nt, nt)

it's surprising how much you can get done with just those three.

[This message has been edited by deRanged (edited 29-05-2000).]

anonym00se · 29-05-2000, 16:28

My current favourites would have to be:

network scanner
----------------
nmap (Unix)
http://www.insecure.org/nmap

IDS
---
snort (Unix)
http://www.clark.net/~roesch/security.html

OS Hardening
------------
Titan (Solaris, SunOS)
http://www.fish.com/titan/

Auditing
--------
Sara (Unix), Saint(Unix), ISS(Win), whisker(Unix)
http://www-arc.com/sara/sara.html
http://www.wwdsi.com/saint/
http://www.iss.net/securing_e-busine...ernet_scanner/
http://www.wiretrip.net/rfp/p/doc.asp?id=21&iface=2

OS
---

openBSD
http://www.openbsd.org - ok ok I know it
isnt a security tool, but it is so damn
cool.

deRanged · 29-05-2000, 16:30

you must have thought about that list for a while

anonym00se · 29-05-2000, 16:35

Surprisingly enough no, I saw your reply
like 10 min ago and thought I'd lash my
own together. After all I would use alot
of those daily, so it really wasnt that
hard to decide.

I did however leave out Crypto tools as
I just couldnt decide.

deRanged · 29-05-2000, 16:37

what crypto tools do you use?
I know I'm being awkward but I'm in the middle of some ssl stuff atm so it's topical.
I'm using a mix of openssl, RSA's ssl_j and baltimore's j_ssl. with openssl as my favourite.

[This message has been edited by deRanged (edited 29-05-2000).]

anonym00se · 29-05-2000, 16:54

Off the top of my head

I would use

Win32
------
pgp - http://www.pgpi.com
scramdisk - http://www.scramdisk.clara.net/

Unix
----

pgp
mcrypt - http://mcrypt.hellug.gr/
libMcrypt - http://mcrypt.hellug.gr/#_libmcrypt

I know there are lots more but I really
cant think of them atm.

Hopefully I will manage to get around to giving openBSDs swap encryption a go some time soon

On a slightly related note I also use

srm (unix) and eraser (win) for secure
file deletion
http://www.infowar.co.uk/thc/ http://www.tolvanen.com/eraser/

BrainDead · 30-05-2000, 10:47

snoop/tcpdump and telnet, what more do you need?

anonym00se · 30-05-2000, 11:20

Ok please explain how telnet is a security tool!!!

BrainDead · 30-05-2000, 13:07

Well, telnet may not be the fastest means of doing things, but it's always there and can be used for a good variety of things.

BrainDead · 30-05-2000, 13:11

Besides, ftp is much better for generating core dumps than telnet....ahhh those 8 meg core dumps at the press of a key

anonym00se · 30-05-2000, 13:43

It is all well and good being able to get a computer to core dump, but being able to get any usefull info with that core file is a different kettle of fish.

BrainDead · 30-05-2000, 13:55

Ahh, I know, but all these fancy tools make life just too easy

anonym00se · 30-05-2000, 14:01

I for one dont want to have to waste time on things that can be automated. It just cuts into the time you have to test for "unknown" problems.

Kali · 30-05-2000, 14:03

my syringe and a baseball bat.
what more security do you need?

29-05-2000, 15:54	#1
anonym00se Registered User Join Date: May 2000 Location: dublin Posts: 60 Adverts \| Friends	Favourite Security Tools After reading: http://www.networkcomputing.com/1110/1110ws1.html It got me thinking about what the most common security tools in use are, so what is every ones favourite tool, be it for IDS, auditing, crypto etc and for what platform.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

29-05-2000, 16:09	#2
deRanged Registered User Join Date: Sep 1999 Location: cork.ie Posts: 3,424 Adverts \| Friends	the three I've used most in the past while are openssl, l0phtcrack and ultrascan. (solaris, nt, nt) it's surprising how much you can get done with just those three. [This message has been edited by deRanged (edited 29-05-2000).]

29-05-2000, 16:28	#3
anonym00se Registered User Join Date: May 2000 Location: dublin Posts: 60 Adverts \| Friends	My current favourites would have to be: network scanner ---------------- nmap (Unix) http://www.insecure.org/nmap IDS --- snort (Unix) http://www.clark.net/~roesch/security.html OS Hardening ------------ Titan (Solaris, SunOS) http://www.fish.com/titan/ Auditing -------- Sara (Unix), Saint(Unix), ISS(Win), whisker(Unix) http://www-arc.com/sara/sara.html http://www.wwdsi.com/saint/ http://www.iss.net/securing_e-busine...ernet_scanner/ http://www.wiretrip.net/rfp/p/doc.asp?id=21&iface=2 OS --- openBSD http://www.openbsd.org - ok ok I know it isnt a security tool, but it is so damn cool.

29-05-2000, 16:30	#4
deRanged Registered User Join Date: Sep 1999 Location: cork.ie Posts: 3,424 Adverts \| Friends	you must have thought about that list for a while

29-05-2000, 16:35	#5
anonym00se Registered User Join Date: May 2000 Location: dublin Posts: 60 Adverts \| Friends	Surprisingly enough no, I saw your reply like 10 min ago and thought I'd lash my own together. After all I would use alot of those daily, so it really wasnt that hard to decide. I did however leave out Crypto tools as I just couldnt decide.

29-05-2000, 16:37	#6
deRanged Registered User Join Date: Sep 1999 Location: cork.ie Posts: 3,424 Adverts \| Friends	what crypto tools do you use? I know I'm being awkward but I'm in the middle of some ssl stuff atm so it's topical. I'm using a mix of openssl, RSA's ssl_j and baltimore's j_ssl. with openssl as my favourite. [This message has been edited by deRanged (edited 29-05-2000).]

29-05-2000, 16:54	#7
anonym00se Registered User Join Date: May 2000 Location: dublin Posts: 60 Adverts \| Friends	Off the top of my head I would use Win32 ------ pgp - http://www.pgpi.com scramdisk - http://www.scramdisk.clara.net/ Unix ---- pgp mcrypt - http://mcrypt.hellug.gr/ libMcrypt - http://mcrypt.hellug.gr/#_libmcrypt I know there are lots more but I really cant think of them atm. Hopefully I will manage to get around to giving openBSDs swap encryption a go some time soon On a slightly related note I also use srm (unix) and eraser (win) for secure file deletion http://www.infowar.co.uk/thc/ http://www.tolvanen.com/eraser/

30-05-2000, 10:47	#8
BrainDead Registered User Join Date: Mar 2000 Location: Cork Posts: 12 Adverts \| Friends	snoop/tcpdump and telnet, what more do you need?

30-05-2000, 11:20	#9
anonym00se Registered User Join Date: May 2000 Location: dublin Posts: 60 Adverts \| Friends	Ok please explain how telnet is a security tool!!!

30-05-2000, 13:07	#10
BrainDead Registered User Join Date: Mar 2000 Location: Cork Posts: 12 Adverts \| Friends	Well, telnet may not be the fastest means of doing things, but it's always there and can be used for a good variety of things.

30-05-2000, 13:11	#11
BrainDead Registered User Join Date: Mar 2000 Location: Cork Posts: 12 Adverts \| Friends	Besides, ftp is much better for generating core dumps than telnet....ahhh those 8 meg core dumps at the press of a key

30-05-2000, 13:43	#12
anonym00se Registered User Join Date: May 2000 Location: dublin Posts: 60 Adverts \| Friends	It is all well and good being able to get a computer to core dump, but being able to get any usefull info with that core file is a different kettle of fish.

30-05-2000, 13:55	#13
BrainDead Registered User Join Date: Mar 2000 Location: Cork Posts: 12 Adverts \| Friends	Ahh, I know, but all these fancy tools make life just too easy

30-05-2000, 14:01	#14
anonym00se Registered User Join Date: May 2000 Location: dublin Posts: 60 Adverts \| Friends	I for one dont want to have to waste time on things that can be automated. It just cuts into the time you have to test for "unknown" problems.

30-05-2000, 14:03	#15
Kali Registered User Join Date: Feb 1998 Location: Essex, UK. Posts: 6,549 Adverts \| Friends	my syringe and a baseball bat. what more security do you need?