NETWORK SECURITY
The Network Security Toolkit (NST) is a Linux-based Live DVD/USB Flash Drive that provides a set of open source computer security and networking tools to perform routine security and networking diagnostic and monitoring tasks.
By helping IT departments perform routine scans and detect flaws and unexpected changes in an organization’s information systems, network security tools simplify network administration and monitoring and assist in auditing for security compliance purposes. Peripheral network security tools such as virus protection programs, firewalls, and intrusion detection systems work to keep networks safer. And, network security utilities like network mappers, port scanners, and packet analyzers, tools which are typically used in network penetration testing, allow administrators to identify the vulnerabilities hackers exploit in carrying out network attacks like DDoS and DNS spoofing.
The Disadvantages of On-Premise Network Security Tools
Although useful for troubleshooting and finding known vulnerabilities in network infrastructure, on-premise network security tools can be expensive, complicated and CPU-intensive, adversely affecting the performance of your company’s servers and applications. Improper configuration can result in false positives, or worse, insufficient protection. Requiring time-consuming patching and updating and essentially limited in capacity and capabilities, network security tools cannot adapt to or maintain pace with the rapid evolution of today’s threat landscape.
Moreover, automated vulnerability assessment tools are only capable of detecting documented flaws in your applications and configurations—not the weaknesses hackers will discover tomorrow. Intelligent vulnerability management, on the other hand, requires expert-driven manual penetration testing, which is costly and requires extensive planning, making it impractical for resource-constrained IT shops.
Web Security Made Simpler: Cloud-based Solutions from Akamai
Ultimately, many organizations will find that the ROI for traditional network security tools isn’t quite what they expected, particularly when these defenses fail in the face of a large-scale attack. Fortunately, there is now a simpler, more cost-effective way for companies to achieve robust, scalable security for their servers, websites and applications—and spend less time and money on installing, configuring and managing on-premise network security tools.
With over 160,000 CDN servers in more than 95 countries handling over 5.5 Tbps of web traffic on average every day, Akamai offers our customers a globally distributed network of hardened servers and an in-depth, multi-layered approach to defense, providing:
-
Flexibility. Built on the Akamai Intelligent Platform, our Cloud Security Solutions allow you to deploy the defense strategies most appropriate for each attack scenario and respond more efficiently and effectively to every type of threat.
-
Scalability. Leveraging our platform’s virtually unlimited capacity, our Kona Site Defender solution can absorb the massive amounts of traffic created by application-layer DDoS attacks while deflecting DDoS traffic targeted at the network layer.
-
Performance. Our Web Application Firewall (WAF) filters out suspicious traffic in HTTP as close to the source as possible—without degrading the performance and availability of your websites and services—and can help to safeguard the SSL security of your applications.
The following are 10 essential security tools that will help you to secure your systems and networks. These open source security tools have been given the essential rating due to the fact that they are effective, well supported and easy to start getting value from.
1. Nmap – map your network and ports with the number one port scanning tool. Nmap now features powerful NSE scripts that can detect vulnerabilities, misconfiguration and security related information around network services. After you have nmap installed be sure to look at the features of the included ncat – its netcat on steroids.
2. OpenVAS – open source vulnerability scanning suite that grew from a fork of the Nessus engine when it went commercial. Manage all aspects of a security vulnerability management system from web based dashboards. For a fast and easy external scan with OpenVAS try our online OpenVAS scanner.
3. OSSEC – host based intrusion detection system or HIDS, easy to setup and configure. OSSEC has far reaching benefits for both security and operations staff.
4. Security Onion – a network security monitoring distribution that can replace expensive commercial grey boxes with blinking lights. Security Onion is easy to setup and configure. With minimal effort you will start to detect security related events on your network. Detect everything from brute force scanning kids to those nasty APT’s.
5. Metasploit Framework – test all aspects of your security with an offensive focus. Primarily a penetration testing tool, Metasploit has modules that not only include exploits but also scanning and auditing.
6. OpenSSH – secure all your traffic between two points by tunnelling insecure protocols through an SSH tunnel. Includes scp providing easy access to copy files securely. Can be used as poor mans VPN for Open Wireless Access points (airports, coffee shops). Tunnel back through your home computer and the traffic is then secured in transit. Access internal network services through SSH tunnels using only one point of access. From Windows, you will probably want to have putty as a client and winscp for copying files. Under Linux just use the command line ssh and scp.
7. Wireshark – view traffic in as much detail as you want. Use Wireshark to follow network streams and find problems. Tcpdump and Tshark are command line alternatives. Wireshark runs on Windows, Linux or OSX based systems.
8. BackTrack – an Ubuntu based Linux distribution that is configured with hundreds of security testing tools and scripts. Backtrack is well known with penetration testers and hobbyists alike.
9. Nikto – a web server testing tool that has been kicking around for over 10 years. Nikto is great for firing at a web server to find known vulnerable scripts, configuration mistakes and related security problems. It won’t find your XSS and SQL web application bugs, but it does find many things that other tools miss. To get started try the Nikto Tutorial or the online hosted version.
10. Truecrypt – encrypt all the things. Truecrypt is a strong encryption utility that can encrypt entire volumes or create an encrypted container within a file system. Use Truecrypt to protect your flash drives. If it gets lost, even the NSA will have trouble reading the data.
