CERT-In:Indian Computer Emergency Response Team

CMC Ltd

Details of the Audit Tools

Freeware

1. Nessus - Nessus is a leading vulnerability assessment tool used in security audit for successfully identifying vulnerabilities in operating systems and network devices.

2. NMAP - NMAP is a port scanning utility it scans the ports and lists the ports that are open and the services running on them. It can guess the version of the operating system running on the target machine.

3. Microsoft Baseline Security Analyzer (MBSA) - MBSA provides a streamline method of identifying common security mis-configurations of Windows systems.

4. Hping2 - Hping2 is a common-line oriented TCP/IP packet assembler/analyzer. This can also be used for - Firewall testing, Advanced port scanning, Network testing, using different protocols, TOS, fragmentation, Advanced traceroute, under all the supported protocols, Remote OS fingerprinting

5. CIS Benchmark/Scoring tools - The Center for Internet Security's (CIS) Benchmark / Scoring Tools for security configuration of Operating Systems, Network Devices and applications.

6. Achilles - Achilles is a web application security assessment tool, Achilles acts as a HTTP/HTTPs proxythat allows a user to intercept, log, and modify web traffic on the fly.

7. Ethereal - Freeware Ethereal is a free network protocol analyzer for Unix and Windows. It is used to examine data froma live network or from a capture file on disk. It shows the summary and detail information for each packet captured. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.

8. John the Ripper - John the Ripper is a password auditing tool that is used for detecting weak UNIX/Windows passwords.

9. Nikto - Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers.

10. Brutus - Brutus is a remote passwork cracker. Brutus is used to recover valid access tokens (usually a username and password) for given target system.

11. Xproble2 - Xprobe2 is a remote active operating system fingerprinting tool which uses advanced techniques, such as the usage of statistical analysis ('fuzzy logic') to match between probe response(s) to its signature database and others, in order to provide with accurate results regarding the un derlying operating system of a probed element(s).

Commercial

1. ISS Internet scanner - The internet scanner application, an integrated part of internet Security Systems' security management platform, provides comprehensive network vulnerability assessment of measuring online security risks. Internet Scanner performs schedules and selective probes of communication services, operating systems, applications and routers to uncover and report systems vulnerabilities that might be open to attack. In addition to providing flexible risk management reports, internet Scanner prepares remediation advice, trend analyses and comprehensive data sets to support sound, knowledge-based policy enforcement.