Security+: My Favorite Free Tools

 

My Favorite Free Security Tools
Command-Line Tools
Command
Description
Example
Explanation
Linux
dig
Queries DNS servers for host name/IP address mappings. dig
dig <hostname>
Queries hosts listed in /etc/resolve.conf or the host named.
ping
Requests a response from a host. Keeps going until Ctrl-C. ping google.com Asks the computer handling requests for google.com for a response.
telnet
Insecure unencripted terminal client program telnet host.foolish.com Attempts to open telnet communications with host.foolish.com. This service should be disabled.
traceroute
Requests a detailed path from your PC to the destination. traceroute google.com Produces a report of the path your request takes, including IP addresses and response times.
whois
Queries DNS information about the owner and host of a domain. whois XXX
dd
A disk duplication utility useful in forensics dd /dev/hda0 /dev/hdb0
nmap
The classic network mapper. Consider carefully who you map. nmap arrestme.com
Windows
arp
Reports the current Address Resolution Protocol cache arp -a Shows all current IP to MAC mappings.
netstat
Reports established ports and connections being monitored netstat -ano Returns a 5-column report of IP addresses and port numbers.
nslookup
Queries DNS servers for host name/IP address mappings.
ping
Requests a response from a host. Cycles 4 times. ping google.com Asks the computer handling requests for google.com for a response.
telnet
Insecure unencripted terminal client program telnet host.foolish.com Attempts to open telnet communications with host.foolish.com. This service should be disabled.
tracert
Requests a detailed path from your PC to the destination. tracert google.com Produces a report of the path your request takes, including IP addresses and response times.
GUI Tools
Application
Description
Functions
Platform
Related
Remote security scanner for Linux, BSD, Solaris, and other Unix. Over 1200 remote security checks, and also uses plug-ins. Multi-format reports are available. And it even suggests solutions! Security Check Unix:
Linux
BSD
Solaris
Others
A network protocol analyzer for Unix and Windows. Capture packets from a network or read a capture file on disk. View summary and detail information for each packet. Filter the info display and view a reconstructed stream of a TCP session. Unix
Windows
A command-line version called tethereal (included)

Netcat (Unix)

Netcat (Windows)

“Netcat is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable ‘back-end’ tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.” –www.securityfocus.com Network Exploration Unix, Windows
Or follow the… … vulnerability scanner page on Darknet at… http://www.darknet.org.uk/tag/vulnerability-scanner/
Series Navigation<< Security+ SY0-601: 5.5: Privacy and Sensitive DataSecurity+ : Sample Questions >>