[BBLISA] Question about Network analysis tools
miah
jjohnson at sunrise-linux.com
Wed Jan 7 16:55:22 EST 2004
nmap will tell you what ports are open on a server if thats all you want to do, it cant get any easier.
If a application crashes because it received unexpected data, you should really fix it, its a bug. Show the programmer docs on input validation.
I haven't used SARA, but I highly recommend Nessus, its not hard to use and its probably the best open source security scanner out there. Its al GUI point and click and gives you a pretty report full of stuff.
-miah
On Wed, Jan 07, 2004 at 04:39:53PM -0500, snagao at citistreetonline.com wrote:
>
> My manager wants to be able to scan a server to see what ports are open
> and make sure the open ports are those that are allowed according to our
> security policies before we release the server for production use.
>
> In addition, the tool should not interfere with or shutdown application
> ports
> while scanning. This has happened once in our environment and it basically
> crippled the application.
>
> One of my colleagues is in favor of using SARA. Since I have never used
> any network tools before, I am looking to my fellow admins for suggestions
> on what works well with Linux which meets my requirements and is not very
> difficult to configure and use. And is free. :-)
>
>
> Thanks!
> Sharon
>
>
>
>
>
>
>
> Public
> <echo at beltrani.co To: snagao at citistreetonline.com
> m> cc:
> Subject: Re: [BBLISA] Question about Network analysis tools
> 01/07/2004 04:28
> PM
>
>
>
>
>
>
> That brings back memories. As someone else mentioned, SATAN is at least
> 9 years old. I'm not sure it will even compile "out of the box" on the
> latest Linux distributions. As I recall there was a tool called SAINT
> that was designed to supersede SATAN.
>
> Is this project better defined than "throw something like SATAN on a
> Linux box"? i.e. What problem are you trying to solve? That may make it
> easier to suggest tools for the job.
>
>
> FWIW, you may want to check out the following open source tools:
>
> 1) NMAP http://www.insecure.org/nmap/index.html
>
> 2) Nessus http://www.nessus.org/
>
> 3) Snort NIDS http://www.snort.org/
>
> - Paul
>
>
>
> On Tue, 2004-01-06 at 16:02, snagao at citistreetonline.com wrote:
> > I have been asked to install a network security analysis tool like SATAN
> > on a linux machine. The linux machine is running RedHat Advance server
> > 3.0.
> >
> > I would like to know how the various tools compare and which one(s) are
> > used in most/many companies.
> >
> > My thanks in advance to all those who reply.
> >
> >
> > - sharon
> >
> >
> > _______________________________________________
> > bblisa mailing list
> > bblisa at bblisa.org
> > http://www.bblisa.org/mailman/listinfo/bblisa
>
>
>
>
>
> _______________________________________________
> bblisa mailing list
> bblisa at bblisa.org
> http://www.bblisa.org/mailman/listinfo/bblisa
More information about the bblisa
mailing list