My Favorite Free Security Tools

Command-Line Tools

Linux

| Command | Description | Example | Explanation |
|---|---|---|---|
| dig | Queries DNS servers for host name/IP address mappings. | `dig`, `dig <hostname>` | Queries hosts listed in /etc/resolv.conf or the host named. |
| ping | Requests a response from a host. Keeps going until Ctrl-C. | `ping google.com` | Asks the computer handling requests for google.com for a response. |
| telnet | Insecure unencrypted terminal client program | `telnet host.foolish.com` | Attempts to open telnet communications with host.foolish.com. This service should be disabled. |
| traceroute | Requests a detailed path from your PC to the destination. | `traceroute google.com` | Produces a report of the path your request takes, including IP addresses and response times. |
| whois | Queries DNS information about the owner and host of a domain. | `whois XXX` | |
| dd | A disk duplication utility useful in forensics | `dd if=/dev/hda0 of=/dev/hdb0` | |
| nmap | The classic network mapper. Consider carefully who you map. | `nmap arrestme.com` | |

Windows

| Command | Description | Example | Explanation |
|---|---|---|---|
| arp | Reports the current Address Resolution Protocol cache | `arp -a` | Shows all current IP to MAC mappings. |
| netstat | Reports established ports and connections being monitored | `netstat -ano` | Returns a 5-column report of IP addresses and port numbers. |
| | Queries DNS servers for host name/IP address mappings. | | |
| ping | Requests a response from a host. Cycles 4 times. | `ping google.com` | Asks the computer handling requests for google.com for a response. |
| telnet | Insecure unencrypted terminal client program | `telnet host.foolish.com` | Attempts to open telnet communications with host.foolish.com. This service should be disabled. |
| tracert | Requests a detailed path from your PC to the destination. | `tracert google.com` | Produces a report of the path your request takes, including IP addresses and response times. |
GUI Tools

| Application | Description | Functions | Platform | Related |
|---|---|---|---|---|
| | Remote security scanner for Linux, BSD, Solaris, and other Unix. Over 1200 remote security checks, and also uses plug-ins. Multi-format reports are available. And it even suggests solutions! | Security Check | Unix: Linux, BSD, Solaris, Others | |
| | A network protocol analyzer for Unix and Windows. Capture packets from a network or read a capture file on disk. View summary and detail information for each packet. Filter the info display and view a reconstructed stream of a TCP session. | | Unix, Windows | A command-line version called tethereal (included) |
| Netcat | “Netcat is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable ‘back-end’ tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.” –www.securityfocus.com | Network Exploration | Unix, Windows | |

Or follow the vulnerability scanner page on Darknet at http://www.darknet.org.uk/tag/vulnerability-scanner/

Find wireless access points: NetStumbler
Find patterns in packets on the network: ngrep – network grep