NETWORK SECURITY NETWORK SECURITY

TOOLKITTOOLKIT

NETWORK SECURITY NETWORK SECURITY

TOOLKITTOOLKIT

Created By

Agenda

What is network security Importance of network security Network security toolkits

Security Tools

1.Snort

2.Ettercap

3.Sam Spade

4.Backtrack

5.Hydra

6.Deepfreeze

What is Network Security ?

Network security consists of the provisions and polices adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources

Importance of Network Security

Network Security Tools

Snort

→Developed by Sourcefire, Inc. in 2012

→Snort is lightweight network IDS or IPS which is used to detect a variety of attacks and probes

→Snort have three modes :

1. sniffer

2.packet logger

3.network intrusion detection

→Snort uses a flexible rule-based language to describe traffic

Features

→Small ,Portable (Linux, Solaris, *BSD, IRIX, HP-UX)

→Fast and Open Source Software

→Configurable (Easy rules

language, many reporting/

logging options)

Ettercap

→ Ettercap is a tool for network protocol analysis and security auditing

→ Capable of intercepting traffic , capture passwords, and conduct active eavesdropping

against common protocols

→ Supports active and passive

dissection of many protocols

Features

→  Ettercap offers four modes of operation:

1.IP-Based

2.MAC-Based

3.ARP-Based

4. PublicARP-based

→ Character injection into an established connection

→ HTTPS support

→ Plug-in support

Features(contd…)

→ Password collectors for

→ Packet filtering/dropping

→ OS fingerprinting

→ Passive scanning of the LAN

→ Hijacking of DNS requests

Sam Spade

→ Sam Spade utility was authored by Steve Atkins in 1997

→ Sam Spade is a network tool suite, with some extra features that will enable you to track unsolicited email.

→  The Sam Spade tool acts as a sleuth that finds as much public information about an IP address or DNS address

→ It integrates the capabilities found in ping, traceroute, time, whois, nslookup, finger, DIG , etc

Features

→ DNS zone transfer

→ SMTP Relay Check 

→ Scan Addresses 

→ Crawl website

→ Browse web

→ Fast and Slow Traceroute

→ Decode URL

→ Parse email headers 

→ Check cancels 

Backtrack

→ Linux distribution designed for penetration testing, aka "ethical hacking“

→ BackTrack is a Linux distribution that is security focused and contains over 300 security tools integrated with a highly polished user interface

→ current version is BackTrack 5 R3

Hydra

→ very fast network logon cracker 

→ perform rapid dictionary attacks against more then 30 protocols, including TELNET, FTP, HTTP, HTTPS, MS-SQL, MYSQL,SNMP, POP3, IMAP etc

Features

→ IPv6 Support

→ Graphic User Interface

→ Internationalized support (RFC 4013)

→ HTTP proxy support

→ SOCKS proxy support

Deep Freeze

→Developed by Feronics ,Deep Freeze makes computer configurations indestructible

→Any changes made to a computer are wiped out at the end of the session

→Provides immunity from:

→Accidental system misconfiguration

→Malicious software activity

→Incidental system degradation

Features

→Multiple Thaw Spaces

→Hidden Thaw Spaces

→Improved Console Functionality

→Remote Desktop Control

→Remote EXE & MSI execution(using PSEXEC)

→New Event Scheduler

→Multiple, daily events now possible

Conclusion

No system or network is absolutely secure , as hackers or many algorithms are there to break passwords and much valuable information, which leads to a great loss. Hence network security tools provides the remedy by many ways.

Thank You!!!