[BBLISA] Question about Network analysis tools
Public
echo at beltrani.com
Wed Jan 7 17:13:29 EST 2004
On Wed, 2004-01-07 at 16:39, snagao at citistreetonline.com wrote:
> My manager wants to be able to scan a server to see what ports are open
> and make sure the open ports are those that are allowed according to our
> security policies before we release the server for production use.
>
> In addition, the tool should not interfere with or shutdown application
> ports
> while scanning. This has happened once in our environment and it basically
> crippled the application.
Any of the port scanning tools already mentioned will handle this. As
they've been discussed in other replies I won't reiterate the details of
each tool here.
BTW, if this is just a sanity check before you release and you can
assume the system hasn't been hacked, would a simple "netstat -l" or
"lsof -i" on the box itself meet your needs? :-)
- Paul
>
> One of my colleagues is in favor of using SARA. Since I have never used
> any network tools before, I am looking to my fellow admins for suggestions
> on what works well with Linux which meets my requirements and is not very
> difficult to configure and use. And is free. :-)
>
>
> Thanks!
> Sharon
>
>
>
>
>
>
>
> Public
> <echo at beltrani.co To: snagao at citistreetonline.com
> m> cc:
> Subject: Re: [BBLISA] Question about Network analysis tools
> 01/07/2004 04:28
> PM
>
>
>
>
>
>
> That brings back memories. As someone else mentioned, SATAN is at least
> 9 years old. I'm not sure it will even compile "out of the box" on the
> latest Linux distributions. As I recall there was a tool called SAINT
> that was designed to supersede SATAN.
>
> Is this project better defined than "throw something like SATAN on a
> Linux box"? i.e. What problem are you trying to solve? That may make it
> easier to suggest tools for the job.
>
>
> FWIW, you may want to check out the following open source tools:
>
> 1) NMAP http://www.insecure.org/nmap/index.html
>
> 2) Nessus http://www.nessus.org/
>
> 3) Snort NIDS http://www.snort.org/
>
> - Paul
>
>
>
> On Tue, 2004-01-06 at 16:02, snagao at citistreetonline.com wrote:
> > I have been asked to install a network security analysis tool like SATAN
> > on a linux machine. The linux machine is running RedHat Advance server
> > 3.0.
> >
> > I would like to know how the various tools compare and which one(s) are
> > used in most/many companies.
> >
> > My thanks in advance to all those who reply.
> >
> >
> > - sharon
> >
> >
> > _______________________________________________
> > bblisa mailing list
> > bblisa at bblisa.org
> > http://www.bblisa.org/mailman/listinfo/bblisa
>
>
>
>
>
> _______________________________________________
> bblisa mailing list
> bblisa at bblisa.org
> http://www.bblisa.org/mailman/listinfo/bblisa
More information about the bblisa
mailing list