Computer security is something that concerns us all to a greater or lesser extent. I said in previous posts that this concern mismanaged, I obsess us every click we make in our daily lives, making some almost back to paper and pencil. While it is true that without this obsession, computer security would not be where it is today, and today many popular projects nor had come to ask.
In some of these security projects we are going to talk about today. Dedicated applications, distributions with security features, software based on web (no need to download and install anything), I hope at least to include a little bit of everything this and be able to provide them with the chance to give you them to know and you try some of them, truth be told, there are the most interesting.
This web server scanner will perform extensive testing against (what a surprise…) server web, taking into account various factors such as non-updated versions of applications, specific problems of each found version, elements of the server configuration, identify the installed systems and analyze them… with over 6400 files in its database, as well as more than 1200 servers with which to compare the versions of installed software. Its analysis tools and plugins are frequently updated and automatically, so you do not have to be outstanding to have this or that version of the program, we will always have the latest available.
2. Cain and Abel
We are facing the only application available for Windows for this listing. This password recovery tool features a huge amount of profits. We can recover passwords by ‘breathing’ of the network (snnifers) by dictionary attack, brute force cryptanalysis or by using some exploits. In addition we can record VoIP conversations, decoding passwords returned by some sites, revealing pictures of passwords (typical shown as asterisks), get passwords of system cache, etc… It also allows us to analyze routing protocols of the system, an added bonus all of the above.
This tool is designed to either be used by other applications or scripts, or be a back-end user-friendly utility to manage and which can be trusted. It allows us to read and write data via TCP / UDP connections while enables us to create almost any type of connection we might need (e.g. connection to a given port to accept incoming connections). We also useful as a debugging tool or network scan.
Despite its popularity, was discontinued in 1995, becoming difficult to find a copy of the source code. But there’s the Linux community (specifically the Nmap project) to update such a useful tool, resulting Ncat, a modern reimplementation with support for SSL, IPv6, SOCKS and other yet exist at that time protocols.
This tool for ‘pen-testing’ (testing of accessibility to systems) will automate the process of detecting and exploiting SQL injection errors and takes care of the back-end database servers. It has a wide range of functions, such as accessing the file system infringed server and execute commands from its team outside its network, or being able to get the fingerprint (fingerprint in its strictest translation) or key access to a database to access the data contained in the database.
This suite of tools for WEP and WPA encryption (compatible with 802.11 a / b / g), implements the most popular algorithms ‘cracking’ to retrieve the keys to our wireless networks. This suite has more than a dozen very discrete applications such as airodump (captor packet network), aireplay (packet injection to a network), aircrack (opening cracks in WPA-PSK and WEP static in) and airdecap (descrambler files captured on WEP and WPA).
This software intrusion detection network as well as prevention of unauthorized access to the system, is highlighted in the traffic analysis and logging of packets in IP networks. Through protocol analysis, content searching, and various pre-processed, Snort is able to stop and alert the thousands of worms, Trojans, attempts to violate our firewall, in addition to warn us in case you are scanning one of our ports or other suspicious behavior. It also has a web interface for managing alerts called BASE (Basic Analysis and Security Engine).
This application is open source and totally free, but the developer also has commercial versions tested and certified by VRT, and not at all expensive if compared to other prices listed in this publication; $ 499.
7. Kali Linux (formerly known as BackTrack)
It is very well known by those who move in the world of Linux distributions or the computer safety. This distribution in Live-CD (bootable cd with installable option) offers a vast catalog of security and forensics tools, providing a development environment, testing and implementation of the complex. Another feature of Kali-Linux is the modularity, which is basically that we can create ourselves a distribution that fits our needs, selecting the packages that are going to use and apart from many other features that we do not need. In addition to customizing the package distribution, the fact of having a Gnome desktop and will make it easier we can also customize menus, icons, appearance, etc… may have a distribution that we use every day and as a tool for maintaining the security of our network.
One of nessusthe most popular scanners and cash vulnerabilities is Nessus. More than 46000 plugins make up its extensive Repertory, with which we can put ra test more than any environment that gets us ahead. Authentication, remote access, local access control privileges and scaled them, analysis of client-server architectures, in addition to having an advanced web interface and an environment to develop our own plugins.
Primarily designed for UNIX systems (although applicable to any platform that we find today), like Metasploit started being open source until 2005 when it was privatized and removed the free versions in 2008. I can buy today for about 1200 $ per year, although the Linux community as always is there to prove once again that Open Source is omnipresent and user group even developed a version of Nessus under the OpenVAS name.
At its launch in 2004, Metasploit revolutionized the world of security. We are facing what was mainly open source software designed for advanced development of applications and systems, and for the use and testing exploit code in controlled environments. The popular model analysis through payloads, encoders, no-op generators, and many other integrable exploits in various programs, has made Metasploit always stays at the forefront of the most talked about from the safety analysis software options. Among its repertoire of ‘extras’ we find hundreds of exploits that we can use or edit to create our own, which is more advisable to venture to download other scripts or shellcode’s of any forum, blog, web, do not know what can be behind, remember that the world of security there by the skepticism of many netizens, never hurts some of that distrust depending on what occasions.
Something very interesting that offers Metasploit is a contrastingly insecure Linux environment, which can be used to test all the ‘benefits’ of Metasploit in a controlled rather than having to deploy a server only for this purpose, or try it with our server environment active (only recommended if you know what we do and we know what result we obtain minimally).
Metasploit also comments that was a completely Open Source software, but in 2009 the company Rapid7 acquired and began to surface commercial variants. Although as always in this world of free software, thanks to the community we continue having a free but limited version. For those who are interested in buying the licenses, to comment that these are priced at between $ 3,000 and $ 15,000 depending on the features you need.
Previously known as Ethereal (until they lost the rights to that name because of a dispute with another brand of similar name in 2006), it’s a great open source tool that will provide a comprehensive analysis of our network. Wireshark has many nice features such as being able to perform the analysis on an existing network, or on a mapped an existing file on disk. it also includes a good dictionary to apply filters to navigation and the ability to reconstruct a TCP session to complete by the flow of data used and can track the navigation is generated from our network.