Budget Crunch? Free Tools for Securing and Improving the Network

Ernest Staats, MS Information Assurance, CISSP, MCSE, CNA, CWNA, CCNA, Security+, I-Net+, Network+, Server+, A+
Resources available @ http://www.es-es.net
Partial List of Tools
• CD/USB Security (UBCD4Win, BackTrack, Hacksaw, U3 Security tools)
• What is on your network (Dude, Cain, SuperScanner, Getif)
• Discover Bandwidth hogs (Wireshark, Dude, Qcheck)
• Find current security issues (Nessus, MBSA, Cain, Metasploit, BackTrack)
• Password Recovery (Cain, UBCD4Win, BackTrack, John the Ripper)
• Application and Database Tools (SQLRecon, Metasploit, HPing2, N-Stealth, Absinthe)
• Encryption Software (TrueCrypt, Dekart, Windows)
• Wireless Tools (Aircrack, NetStumbler, Kismet, Cain, Qcheck)
• Virtual Machines (VMware, MS Virtual Server, Xen, Virtual Iron)
• Perimeter Security (DNSstuff, DNS-reports, Open DNS, Firewall check, Security Space, nmap, Nessus)
• Data Rescue and Restoration (SyncBack, Restoration, Zero Assumption, Free Undelete)
• PC Security (DumpSec, Winfingerprint, WinAudit, MBSA, Windows Defender XP-Vista)
• Securely Transfer files (WinSCP, TeraTerm, SyncBack)
• Tiny URL (http://tinyurl.com)
No One Tool Fits All as some claim
• There is no one Swiss Army knife when it comes to security:
– Determine your needs
• Restoring deleted files
• File shredding
• Network analysis
• Encryption
• Filtering
– Find the right tools
– Use the correct tool for the job
My Most Used Tools:
• Open DNS
– Another layer to block proxies and adult sites; http://www.opendns.com/
• CCleaner
– Removes unused files and other software that slows down your PC; http://www.ccleaner.com/
• PC Decrapifier
– The PC Decrapifier will uninstall many of the common trialware and annoyances found on new PCs. Free for personal use and $20 per tech who will use it; http://tinyurl.com/28r8ko
• File Shredder
– A fast, safe and reliable tool to shred company files; http://www.fileshredder.org/
• The Dude
– Auto network discovery, link monitoring, and notifications; supports SNMP, ICMP, DNS and TCP monitoring; http://tinyurl.com/mulky
• WinAudit
– Audits Windows® based computers. Just about every aspect of computer inventory is examined. Can also automate inventory administration at the network level; http://tinyurl.com/27pk6t
• SoftPerfect Network Scanner
– A multi-threaded IP, SNMP and NetBIOS scanner. Very easy to use; http://tinyurl.com/2kzpss
• SyncBack
– File backup software; http://tinyurl.com/fmtel
Dude Screen Shot
Oldies but Goodies
• AIDA32
– System information, diagnostics and benchmarking for Win32 platforms. Screen shots, remote control. AIDA32 will extract details of all components of the PC. You can display the information, print it, or save it to XML, HTML or CSV.
– http://tinyurl.com/2j9ro8
• SuperScan 4
– Network scanner that finds open ports (I prefer version 3) http://tinyurl.com/2z42uy
• Nmap
– Scanning and footprinting http://tinyurl.com/3dfk7v
• Cain and Abel
– The “Swiss Army knife”: cracks passwords, VoIP, and so much more
– http://tinyurl.com/53vmz
• Wireshark
– http://tinyurl.com/yclvno
• Autoruns
– Shows the programs that run during system boot-up or login
– http://tinyurl.com/3adktf
• Iron Geek
– Step by step security training http://tinyurl.com/bzvwx
• Three finger salute (CTRL+ALT+DEL)
• Default Password List
– http://tinyurl.com/39teob
• Nessus
– Great system-wide vulnerability scanner http://tinyurl.com/3ydrfu
• The Google Hacking Database (GHDB)
– http://tinyurl.com/2mxe2h
Open DNS
• Phishing Protection
– We operate PhishTank.com, the world's most trusted source of phishing data. We integrate that data into an intelligence feed on our DNS servers to keep everyone on your network safe from phony sites trying to steal personal information.
• Domain Blocking
– You want to secure your network and have control over what resolves. We give you that control by providing the tools to block any website or DNS zone on the Internet, all through an easy-to-use interface.
• Adult Site Blocking
– Safeguard your kids, protect your students, or limit your corporate liability by blocking adult websites. Our adult site blocking solution can be deployed in minutes and provides granular levels of blocking. Did we mention it's completely free?
• Web Proxy Blocking
– Prevent people on your network from bypassing the access restrictions you put in place. Blocking Web proxies helps ensure your network remains secure.
Cain and Abel Local Passwords
Nessus Summary
My Most Used Tools 2:
• Wireshark
– Packet sniffer used to find passwords and other important network errors going across network
– SSL Passwords are often sent in clear text before logging on
– http://tinyurl.com/yclvno
• Metasploit
– Hacking/networking security made easy
– http://www.metasploit.com/
• BackTrack or UBCD4WIN Boot CD
– Cleaning infected PCs or ultimate hacking environment. Will run from USB
– http://tinyurl.com/2y2jdj
– http://tinyurl.com/38cgd5
• Read notify
– “Registered” email
– http://www.readnotify.com/
• Virtual Machine
– For pen testing
– http://tinyurl.com/2qhs2e
– http://www.virtualiron.com/
Wireshark Screen Shot
Security Testing Boot CD/USB:
• Bart PE or UBCD4WIN
– http://www.bartpe.com
– http://www.ubcd4win.com
• UBCD
– hardware testing including BIOS; HD cloning, recovery, destruction
tools, ram testing, and so much more
– http://www.ultimatebootcd.com/download.html
• Back Track
– one of the more powerful cracking network auditing packages
– http://www.remoteexploit.org
• KNOPPIX
– recover/repair dead systems and several security tools
– http://www.knoppix.net/
BackTrack
UBCD4WIN/BartPE
Perimeter Security:
• DNS-stuff and DNS-reports
– http://www.dnsstuff.com
– http://www.dnsreports.com
– Are you blacklisted?
– Test your e-mail system
– Check your HTML code for errors
• WINHTTrack
– For offline testing
– http://tinyurl.com/2qukbx
• Open DNS
– http://www.opendns.com/
• Firewall checkers
– www.firewallcheck.com
• Security Space
– http://tinyurl.com/cbsr
Tools to Assess Vulnerability
• Nessus
– Vulnerability scanners
– http://www.nessus.org
• Snort
– IDS - intrusion detection system
– http://www.snort.org
• Metasploit Framework
– Vulnerability exploitation tools
– Use with great caution and have permission
– http://tinyurl.com/3d57vu
• Microsoft Baseline Security Analyzer (MBSA)
– Used to determine a system's security state and get specific remediation guidance
– http://tinyurl.com/39vfhe
Password Recovery Tools:
• Fgdump
– Mass password auditing for Windows
– http://tinyurl.com/2c7hf4
• Cain and Abel
– Password cracker and so much more….
– http://tinyurl.com/dlvva
• John The Ripper
– Password crackers
– http://tinyurl.com/26kt7p
• RainbowCrack
– An Innovative Password Hash Cracker tool that makes use of a
large-scale time-memory trade-off.
– http://tinyurl.com/ysfgtx
Change/Discover Win Passwords
• Windows Password recovery - Can retrieve forgotten
admin and users' passwords in minutes. Safest possible
option, does not write anything to hard drive.
• Offline NT Password & Registry Editor - A great
boot CD/Floppy that can reset the local administrator's
password.
• John the Ripper - Good boot floppy with cracking
capabilities.
• Emergency Boot CD - Bootable CD, intended for
system recovery in the case of software or hardware
faults.
• Austrumi - Bootable CD for recovering passwords and
other cool tools.
Networking Scanning
• MS Baseline Analyzer
– http://tinyurl.com/27obrz
• The Dude
– Great for mapping and analyzing traffic
– http://tinyurl.com/2kzejg
• Getif
– Network SNMP discovery and exploit tool
– http://tinyurl.com/23uhdo
• SoftPerfect Network Scanner
– http://www.softperfect.com/
• Enumerate Windows Shares
– Start – Run – \\IP\C$ (login is the administrator account and password)
– Start – Run – \\(server name or IP)
• Enumerate Windows Directory
– LDAP query – dump accounts and groups on a 2000/2003 server; the tool (LDP.EXE) is on the Windows 2000/2003 Server CD
Networking Scanning cont.
• HPing2
– Packet assembler/analyzer
– http://www.hping.org
• Netcat
– TCP/IP Swiss Army Knife
– http://tinyurl.com/2r4fx9
• TCPDump for Linux or Windump for Windows
– packet sniffers
– http://www.tcpdump.org and http://tinyurl.com/2gkvqq
• LanSpy
– local, Domain, NetBios, Global and local users, policy settings and
much more
– http://www.lantricks.com/
• Qcheck
– Checks network response time, throughput, and streaming performance
– http://tinyurl.com/3csl3l
File Rescue and Restoration:
• Zero Assumption
– Digital Image rescue
– http://tinyurl.com/372643
• Restoration File Recovery
– http://tinyurl.com/2ymm46
• Free Undelete
– http://tinyurl.com/2tp2zd
• Effective File Search
– Find data inside of files or databases
– http://tinyurl.com/ynojg6
Discover & Securely Delete Important Information:
• Windows and Office Key finder/Encrypting
– Win KeyFinder (also encrypts the keys)
• http://www.winkeyfinder.tk/
– ProduKey (also finds SQL server key)
• http://www.nirsoft.net
• Secure Delete software
– Secure Delete
• http://tinyurl.com/27p8uh
• File Shredder
– has been developed as a fast, safe and reliable tool to shred
company files
– http://www.fileshredder.org/
• DUMPSEC
– Dump all of the registry and share permissions
– http://www.somarsoft.com/
• Win Finger Print
– Scans for Windows shares, enumerates usernames, groups, sids
and much more
– http://tinyurl.com/2jeyto
Application and Data Base Tools
• N-Stealth
– An effective HTTP/Web application Security Scanner
– http://tinyurl.com/32owl7
• WINHTTrack
– Website copier
– http://tinyurl.com/ypmdq2
• SQLRecon
– Performs both active and passive scans of your network in order to
identify all of the SQL Server/MSDE installations
– http://tinyurl.com/3bgj44
– More SQL Tools http://tinyurl.com/3bgj44
• Absinthe
– Tool that automates the process of downloading the schema &
contents of a database that is vulnerable to Blind SQL Injection
– http://tinyurl.com/34catv
• WebInspect (SPI Dynamics)
– 15 day trial against your web/application servers
– http://tinyurl.com/359dsv
Encryption Software:
• Hard drive or Jump Drives
– True Crypt for cross platform encryption with lots of
options
• http://tinyurl.com/2ovdtm
– Dekart: its free version is very simple to use; the paid version has more options
• http://tinyurl.com/2z6uv2
• http://www.dekart.com/
• Email or messaging
– PGP for encrypting email
• http://tinyurl.com/2w4g9q
Wireless Tools:
• Aircrack
– The fastest available WEP/WPA cracking tool
– A suite of tools for 802.11a/b/g WEP and WPA cracking
– Can recover a 40 through 512-bit WEP or WPA 1 or 2 key
– The suite includes
• airodump (an 802.11 packet capture program)
• aireplay (an 802.11 packet injection program)
• aircrack (static WEP and WPA-PSK cracking)
• airdecap (decrypts WEP/WPA capture files)
– http://tinyurl.com/2xzyu6
• Net Stumbler
– Finds wireless networks
– http://www.netstumbler.com
• Kismet
– Wireless tools or packet sniffers
– http://www.kismetwireless.net
• Qcheck
– Determine real application speeds in WIFI networks
– http://tinyurl.com/3csl3l
Virtual Machines
• Xen for Linux
– http://tinyurl.com/2pbmp4
• VM server or VM workstation
– for booting Bart PE ISOs or Remote Exploit
– http://tinyurl.com/7gqmw
• MS Virtual Server
– slower but very easy to use
– http://tinyurl.com/33mhln
• MS Virtual PC
– http://tinyurl.com/2jr7a7
• Virtual Iron
– http://virtualiron.com
• VMs can be used to run auditing applications that typically would require a dedicated server
Network Toolbox U3
• Analyzers
• Network monitors
• Traffic Generators
• Network Scanners
• IDS
• Network Utilities
• Network Clients
• Secure Clients
• SNMP
• Web
• Auditing Tools
• Password revealers
• System Tools
• Supplementary tools (DOS prompt, Unix shell, etc.)
– http://tinyurl.com/yttny6
USB Switchblade
• Access all stored passwords on a windows computer
– [System info] [Dump SAM] [Dump Product Keys]
[Dump LSA secrets (IE PWs)] [Dump Network PW]
[Dump messenger PW] [Dump URL History]
• Available at http://tinyurl.com/2kwqgp
• Plug U3 Drive in any windows XP/2000/2003 computer
• Wait about 1 minute
• Eject Drive
• Go to run on the start menu, then type
x:\Documents\logfiles (x = flash drive letter) then press
enter
• Look at username and passwords or start cracking
hashed windows passwords
Digital Forensic Tools
• The Sleuth Kit and Autopsy Browser
– Open source digital investigation tools (digital forensic tools)
– http://www.sleuthkit.org/
• Boot CD
– UBCD4WIN
• http://www.ubcd4win.com
– BACKTRACK
• http://www.remote-exploit.org/
• Disclaimer
– Be very careful when it comes to doing any
forensic work as you can end up in Jail
Backup Software
• SyncBack
– http://tinyurl.com/29elte
– Secure
• Encrypt a zip file with 256-bit AES encryption
– Copy Open Files (XP/2003)
– Compression
• You can compress an unlimited size, and an unlimited
number of files. (Paid)
– Performance & Throttling
• limit bandwidth usage, (Paid)
– FTP and Email
• Backup or sync files with an FTP server. Auto email the
results of your backup
– Overview PPT on my web site
• http://www.es-es.net/
Network Tools Misc.
• WinSCP
– wraps a friendly GUI interface around the command-line switches needed to copy files between Windows and Unix/Linux
– http://tinyurl.com/yvywqu
• Nagios
– Highly configurable, flexible network resource monitoring tool.
– http://www.nagios.org/
• EventSentry
– Allows you to consolidate and monitor event logs in real-time, as well as monitor performance, disk space, services, processes and software/hardware installations on servers and workstations.
– Additional features include temperature & humidity monitoring, motion/smoke/water detection, process, logon and print tracking for audit purposes
– http://tinyurl.com/2g64sy
• WSUS
– Administrators can fully manage the distribution of updates that are released through Microsoft Update to computers in their network.
– http://tinyurl.com/22anrz
Network Tools Misc.
• SyncToy
– Used for copying, moving, and synchronizing different
directories http://tinyurl.com/3b3wrd
• PsTools
– manage remote systems as well as the local one
http://tinyurl.com/2xq8nu
• FoundStone
– Hack Pack: a collection of several hacking/security tools
http://tinyurl.com/22bap7
• 22 Essential Mac utilities
– http://tinyurl.com/2er2je
Q&A
• Resources are available at
– Files and suggestions
• http://www.es-es.net/9.html
– Security and Information Assurance Links
• http://www.es-es.net/6.html
– PPT for this and VM Security
• http://www.es-es.net/3.html
• Best Step by Step Security Videos Free
– http://www.irongeek.com
• Build a slipstream Windows install CD at http://tinyurl.com/4n7y5
Fun Tools
• YouSendit
– Send large files for free up to 100 MB
– www.yousendit.com
• Odeo
– Set up your own free podcast
– www.odeo.com
• Tiny URL
– Make long URLs short and easy to remember
– http://tinyurl.com/
QCheck
• Qcheck, the network troubleshooting utility from Ixia, slices, dices, and checks network response time, throughput, and streaming performance. It even runs anywhere-to-anywhere traceroute!
• Qcheck provides a more realistic assessment of network performance. While Ping tracks the response time of ICMP (Internet Control Message Protocol) messages, Qcheck sends real application flows across the network to test connectivity and performance. When Qcheck tests network response time, it determines how well real client/server applications will perform on the network. In addition, Qcheck tests network throughput, which is a more appropriate measurement than response time for determining how well an FTP or similar application will perform.
• Qcheck tests can determine whether a network can support multimedia traffic. Qcheck can test a network link using the application flows generated by streaming multimedia applications. Qcheck will determine at what rate streaming traffic is received and how much packet loss is occurring.
• Qcheck can test network performance between any two computers in your network once they have Performance Endpoints installed. With Ping, a user is limited to testing the network connectivity between his or her own computer and another computer. A Qcheck user can test network performance between any two workstations on his or her network, regardless of their location, once a Performance Endpoint is installed.
• Qcheck supports multiple protocols. Unlike Ping, Qcheck supports the variety of protocols that are present in most network environments. Qcheck can test the performance of TCP, UDP, SPX, and IPX networks.
• Qcheck provides diagnostic information about end systems. Qcheck gives you a glimpse into a computer that may identify whether that particular computer is causing a network performance problem. Reports from Qcheck indicate an endpoint computer's physical memory, operating system levels, and (for streaming tests) CPU utilization, useful indicators of network performance.
• Qcheck's traceroute tests collect information about network hops and hop latency between endpoints. Traceroute information helps locate network problems down to the level of a specific router.