Security-Testing Tools

No discussion of firewall and security tools is complete without a brief discussion regarding security-testing tools. | Security-Testing Tools No discussion of firewall and security tools is complete without a brief discussion regarding security-testing tools. Firewall administrators should make regular use of two primary tools to perform basic testing of the firewall ruleset and the firewall s ability to protect hosts and networks port-scanning tools and vulnerability-scanning tools. To be sure for an in-depth review of security other tools such as password-cracking tools packet-crafting tools and exploit frameworks should absolutely be considered a discussion of which is beyond the scope of this appendix . Port-Scanning Tools Port-scanning tools function by attempting to connect to a host using a range of TCP and UDP ports. This information can then be used to determine which ports are listening and thus which applications are probably running on the host. Port-scanning tools are one of the best ways to test your firewall ruleset because the ruleset should allow traffic only on the ports that you have defined. If you port scan the firewall or the IP addresses of the protected hosts the firewall is protecting and find that it responds on ports other than the ones that you have defined there is a good chance that the firewall ruleset is misconfigured and therefore may be exposing the protected host network to external threats. The most common and popular port scanner is Nmap. Nmap is an open source utility that runs on Windows Linux and UNIX hosts and can be downloaded from http . Nmap contains both a command-line utility and a graphical front end however the Windows graphical front end has not been maintained and updated for quite some time. Running Nmap is a straightforward process. Running Nmap without any options brings up the usage screen as shown in Example A-9. Example A-9. Nmap Usage Screen C Download Hacking Tools Nmap nmap Nmap Usage nmap Scan Type s Options host or net list Some Common Scan Types options require root privileges -sS TCP SYN .

Không thể tạo bản xem trước, hãy bấm tải xuống
TÀI LIỆU MỚI ĐĂNG
15    22    4    03-12-2024
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.