Top 5 Security Tools for a CISSP
With all of the systems you need to manage as a network or security administrator, you’ll need a robust set of tools to ensure your network is secure and safe from attackers. We’ll cover free network security tools that scan for vulnerabilities, packet sniffing, network mapping, wireless scanning and password cracking. Although there are many options for each category of tool, I’ll just talk about some of the more popular tools. For a comprehensive list of network security scanning tools, check out the “Sectools.org” website.
Penetration testing and vulnerability scanning is one of the most important tasks you can do to ensure your network stays secure. The tools available vary based on cost and open vs. closed source.
Nessus, one of the best vulnerability scanners on the market was open source at it’s inception but has since gone closed source. They have a limited free version that is only available for home networks however. Nessus scans hosts against a database of over 34,000 (and growing) vulnerabilities. It’s easy to use and is very frequently updated.
OpenVas, is a forked version of Nessus that came about after Nessus closed its source code. It is a frame work of several services and tools that offer a good Vulnerability management solution that is licensed under the GNU GPL.
Wireshark is a free and open source packet analyzer. Wire shark is the de facto standard in open source packet sniffing. It’s one of the first tools that are true network engineer and security professional need to mastering have under their belt. Initially it can be daunting for new network engineers and Security professionals where is most definitely a must-have.
Wireshark is cross-platform, using the Qt widget toolkit in current releases to implement its user interface, and using pcap to capture packets; it runs on Linux, MacOS, operating systems, and Microsoft Windows.
Unless you built your network from the ground up you will need to perform network mapping. Network mapping is needed to determine what devices you have on your network and allows you to enumerate the devices on your network along with the services they are running. A great tool to help map your network is NMAP and it’s GUI companion Zenmap. Zenmap/NMAP can be set to scan an entire subnet or set of machines and will report on how many are available and what ports are open and listening on those machines. NMAP can be downloaded from here.
Scanning for rogue wireless devices should be done on a regular basis. If you have one of your users come in and set up an unsecure wireless access point running off your corporate network you have a pretty serious security issue. A tool like Kismet (available here) can help you scan for wireless devices. Kismet can also act as a wireless packet sniffer and intrusion detection system. Kismet passively collects data using your wireless card and can even alert you if the data it detects appears to be an attack on your wireless network. This is a must have for any organization with a wireless network in place.