InstallingSecurityTools

Differences between revisions 1 and 2
Revision 1 as of 2005-07-26 14:52:44
Size: 2827
Editor: c-67-174-186-96
Comment: Adding basic information to new page
Revision 2 as of 2005-07-26 20:17:51
Size: 2835
Editor: S0106000000cc07fc
Comment: add category documentation, cleanup
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
= Installing Security Tools =
Line 56: Line 54:

CategoryDocumentation CategoryCleanup

The Ubuntu repositories contain several useful tools for maintaining a secure network and network administration. This page attempts to list the most popular and useful of these utilities, a brief description of them, and how to install them.

  • Ethereal - a popular network traffic analyzing tool, that can capture both off the wire and from existing caputure files. It features a helpful GUI to ease analysis. Note: The Universe package adds a menu entry that expects the user to have a root account. To use ethereal in Ubuntu, use sudo in a terminal, or edit the menu entry to use gksudo. To install: 

sudo apt-get install ethereal ethereal-common

  • Nessus - a powerful remote network security auditor, with a nice GUI. Nessus supports plugins and a usually current attack database. It also features useful scripting abilities. To install: 

sudo apt-get install nessus

  • nmap - the standard network mapper. Has a thousand and one uses. To install: 

sudo apt-get install nmap

  • Etherape - an etherman clone. It displays network activity with an intuitive UI. To install: 

sudo apt-get install etherape

  • Kismet - a wireless sniffing tool. Includes support for GPS map scanning with in use of the gpsdrive package. To install: 

sudo apt-get install kismet

  • chkrootkit - chkrootkit can be used to help determine if a machine has been compromised. While not what you should use for the 'final word' on if you have been compromised, it runs a lot of useful checks and can direct suspicions towards finding a solution. To install: 

sudo apt-get install chkrootkit

  • GnuPG - an opensource PGP replacement. Lacks support for IDEA, but is incredibly useful. Included by default.

  • Seahorse - a light-weight Gnome frontend for GPG, makes managing keys much easier. To install: 

sudo apt-get install seahorse

  • Nemesis - a commandline based packet injection utility. Requires a bit of reading the documentation to get full use from. 

sudo apt-get install nemesis

  • tcpdump - while its name suggests that it works for only TCP, tcpdump also supports UDP, BGP, NFS, and a lot of other packet types. It is a powerful network utility that should be in every admins toolbox. 

sudo apt-get install tcpdump

  • OpenSSH - OpenSSH almost singlehandly stopped admins from using telnet, an insecure protocol. The OpenSSH client is installed by default. Generally you want to use SSH instead of telnet or rsh. In some situations, such as large number of clients, you might want to pursue other options, such as telnet with ssl. To install the ssh server: 

sudo apt-get install openssh-server

CategoryDocumentation CategoryCleanup

InstallingSecurityTools (last edited 2008-08-06 16:41:06 by localhost)