Network Security
Management Tools
MCNS—Network Security Management Tools—17-2
Copyright 1998, Cisco Systems, Inc.
Objectives
•
Describe security vulnerability testing,
detection, and auditing tools useful in
the Cisco network security environment
Upon completion of this chapter,
you will be able to:
MCNS—Network Security Management Tools—17-3
Copyright 1998, Cisco Systems, Inc.
Integrity Testing Tools
MCNS—Network Security Management Tools—17-4
Copyright 1998, Cisco Systems, Inc.
Managing the Secure
XYZ Network
Campus
CiscoSecure ACS Server
TACACS+, RADIUS
Perimeter
Router
Firewall
Bastion Host:
Web Server
FTP Server
Web Surfer
Dialup
Internet
Dialup Client
Network Access
Server
Remote
Branch
Sales
Engineering
PSTN/
ISDN
Campus
Client
Token
Server
MCNS—Network Security Management Tools—17-5
Copyright 1998, Cisco Systems, Inc.
Scanners
•
ISS SafeSuite (UNIX and NT)
Top commercial scanner
Suite of several scanners with GUI
•
SATAN (UNIX)
Security Administrator’s Tool for Analyzing Networks
Scans remote hosts for most known security holes
MCNS—Network Security Management Tools—17-6
Copyright 1998, Cisco Systems, Inc.
Scanners (cont.)
•
NSS (UNIX)
•
Strobe (UNIX)
•
Jackal (UNIX)
•
IdentTCPScan (UNIX)
•
CONNECT (UNIX)
•
FSPScan (Windows, OS/2)
•
XSCAN (UNIX)
MCNS—Network Security Management Tools—17-7
Copyright 1998, Cisco Systems, Inc.
Sniffers
•
Network General Sniffer
•
Network General XRay
•
Gobbler (DOS/Windows)
•
ETHLOAD
•
Netman suite (Etherman)
•
Esniff.c
•
Network Monitor (Microsoft)
MCNS—Network Security Management Tools—17-8
Copyright 1998, Cisco Systems, Inc.
Password Crackers/Checkers
•
Passwd+
•
Crack (UNIX)
CrackerJack (UNIX)
PaceCrack95 (Windows 95)
Qcrack (DOS/Windows)
John the Ripper (UNIX)
Pcrack (UNIX Perl script)
Hades (UNIX)
Star Cracker (DOS)
Killer Cracker (UNIX, others)