PCS Technology Ltd., Mumbai

Details of the Information Security Audit Tools

 

Freeware:

  1. Nessus : Nessus is a OS Vulnerability Scanner.  Nessus is a remote security scanner for Linux, BSD, Solaris, and other Unices.  It is plug-in-based, has a GTK interface, and performs over 1200 remote security checks.  It allows for reports to be generated in HTML, XML, LaTeX, and ASCII text, and suggests solutions for security problems.
  2. Netcat : Netcat is a utility that is able to write and read data across TCP and UDP network connections.  Netcat can be used as port scanner, a backdoor, a port redirector, a port listener and lots of other cool things too.

 

  1. LC4 : This tool is used for checking the password strength, password attacks and recovery.  LC4 uses a variety of sources and methods to retrieve passwords from the operating system.  It provides feedback about the strength of passwords based on the types of audit required to recover the password and the length of time required to do so. In other cases LC4 can be used to streamline the migration or upgrading of users from one authentication system to another.  Lastly, LC4 can serve to recover a lost or forgotten password to permit re-entry to a system from which an administrator is locked out.

 

  1. Nmap, HoPPA : These tools are used as for Port Scanning.  Port Scanning activities are carried out from External Internet connections to assess the ports, which are open in the Server.  The report received about the port scanning is checked with the actual services required to be run or the documented security policy of the company.

 

  1. Ethereal : Ethereal is a GUI network protocol analyzer.  It lets you interactively browse packet data from a live network or from a previously saved capture file.

 

Commercial:

 

  1. N Stealth : N-Stealth is a vulnerability-assessment product that scans web servers to identify security problems and weaknesses that may allow an attacker to gain privileged access.  The software comes with an extensive database of over 30,000 vulnerabilities and exploits.  N-Stealth is more actively maintained than the network security scanners and consequently has a larger database of vulnerabilities.  N-Stealth is a comprehensive web server security-auditing tool that scans for over 30,000 vulnerabilities.  The software's wide array of scanning techniques and extensive security-hole database make it the best available program for locking down web servers. N-Stealth can audit both local and remote web servers.  Simply plug in your IP address and let it run within minutes, you will have a full report outlining all the potential security holes on the server.

 

  1. Cobra : It is a tool for conducting Risk Assessment.  It helps in defining Business Risk mapping to Risks associated with IT Assets. It has a vast database of Threats and Vulnerabilities and helps to do What-if Analysis.  It has a strong reporting tool with Executive summary and graphical outputs.

 

  1. MBSA : The Microsoft Baseline Security Analyzer checks computers running Microsoft Windows Server 2003, Windows XP, Windows 2000, or Windows NT @ 4.0 for common security misconfigurations. It checks for Windows vulnerabilities, weak passwords, IIS vulnerabilities, SQL vulnerabilities and security updates. Scans can be performed locally and remotely against computers running   Windows Server 2003, Windows XP, Windows 2000, and Windows NT 4.0.  Note that on computers running Windows XP and using simple file sharing; only local scans can be performed.