1. Home
  2. Networking
  3. Network security assessment

Chapter 2. The Tools Required

This chapter describes the operating systems and some key tools required to undertake an IP-based network security assessment. Many advanced TCP/IP assessment utilities are available only for Unix-based systems such as Linux, so you will often find that a competent security consultant uses a variety of tools under different operating systems to assess and successfully penetrate a network. These tools and their respective uses are discussed in detail throughout the book, and they are listed here so that you can select and start to prepare your assessment platform before moving forward.

All tools listed in this book can also be found in the O'Reilly archive at http://examples.oreilly.com/networksa/tools. I have listed the original sites in most cases so that you can freely browse other tools and papers on each respective site.



    		Network Security Assessment
    		Foreword
    		Preface
    		Chapter 1. Network Security Assessment
    		Chapter 2. The Tools Required
    		2.1 The Operating Systems
    		2.2 Free Network Scanning Tools
    		2.3 Commercial Network Scanning Tools
    		2.4 Protocol-Dependent Assessment Tools
    		Chapter 3. Internet Host and Network Enumeration
    		Chapter 4. IP Network Scanning
    		Chapter 5. Assessing Remote Information Services
    		Chapter 6. Assessing Web Services
    		Chapter 7. Assessing Remote Maintenance Services
    		Chapter 8. Assessing FTP and Database Services
    		Chapter 9. Assessing Windows Networking Services
    		Chapter 10. Assessing Email Services
    		Chapter 11. Assessing IP VPN Services
    		Chapter 12. Assessing Unix RPC Services
    		Chapter 13. Application-Level Risks
    		Chapter 14. Example Assessment Methodology
    		Appendix A. TCP, UDP Ports, and ICMP Message Types
    		Appendix B. Sources of Vulnerability Information
    		Colophon