InstallingSecurityTools
|
Size: 2841
Comment: adding link
|
Size: 3117
Comment: adding a bit more information
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 8: | Line 8: |
| * '''Nessus''' - a powerful remote network security auditor, with a nice GUI. Nessus supports plugins and a usually current attack database. It also features useful scripting abilities. To install: | * '''Nessus''' - a powerful remote network security auditor, with a nice GUI. Nessus supports plugins and offers a usually current attack database. It also features useful scripting abilities, allowing you to automate many tasks. To install: |
| Line 33: | Line 33: |
| * '''GnuPG''' - an opensource PGP replacement. Lacks support for IDEA, but is incredibly useful. Included by default. | * '''GnuPG''' - an opensource PGP replacement. Lacks support for IDEA, but is incredibly useful. Included by default. GnuPG will allow you to encrypt emails, digitally sign, and integrates well into the Evolution mail client as well as Thunderbird. |
| Line 45: | Line 45: |
| * '''tcpdump''' - while its name suggests that it works for only TCP, tcpdump also supports UDP, BGP, NFS, and a lot of other packet types. It is a powerful network utility that should be in every admins toolbox. | * '''tcpdump''' - while its name suggests that it works for only TCP, tcpdump also supports UDP, BGP, NFS, and a lot of other packet types. It is a powerful network utility that should be in every admins toolbox, allowing you to pull in everything off the wire. In combination with ethereal it doesn't miss much. |
The Ubuntu repositories contain several useful tools for maintaining a secure network and network administration. This page attempts to list the most popular and useful of these utilities, a brief description of them, and how to install them.
Ethereal - a popular network traffic analyzing tool, that can capture both off the wire and from existing caputure files. It features a helpful GUI to ease analysis. Note: The Universe package adds a menu entry that expects the user to have a root account. To use ethereal in Ubuntu, use sudo in a terminal, or edit the menu entry to use gksudo. To install:
sudo apt-get install ethereal ethereal-common
Nessus - a powerful remote network security auditor, with a nice GUI. Nessus supports plugins and offers a usually current attack database. It also features useful scripting abilities, allowing you to automate many tasks. To install:
sudo apt-get install nessus
nmap - the standard network mapper. Has a thousand and one uses. To install:
sudo apt-get install nmap
Etherape - an etherman clone. It displays network activity with an intuitive UI. To install:
sudo apt-get install etherape
Kismet - a wireless sniffing tool. Includes support for GPS map scanning with in use of the gpsdrive package. To install:
sudo apt-get install kismet
chkrootkit - chkrootkit can be used to help determine if a machine has been compromised. While not what you should use for the 'final word' on if you have been compromised, it runs a lot of useful checks and can direct suspicions towards finding a solution. To install:
sudo apt-get install chkrootkit
GnuPG - an opensource PGP replacement. Lacks support for IDEA, but is incredibly useful. Included by default. GnuPG will allow you to encrypt emails, digitally sign, and integrates well into the Evolution mail client as well as Thunderbird.
Seahorse - a light-weight Gnome frontend for GPG, makes managing keys much easier. To install:
sudo apt-get install seahorse
Nemesis - a commandline based packet injection utility. Requires a bit of reading the documentation to get full use from.
sudo apt-get install nemesis
tcpdump - while its name suggests that it works for only TCP, tcpdump also supports UDP, BGP, NFS, and a lot of other packet types. It is a powerful network utility that should be in every admins toolbox, allowing you to pull in everything off the wire. In combination with ethereal it doesn't miss much.
sudo apt-get install tcpdump
[:SSHHowTo:OpenSSH] - OpenSSH almost singlehandly stopped admins from using telnet, an insecure protocol. The OpenSSH client is installed by default. Generally you want to use SSH instead of telnet or rsh. In some situations, such as large number of clients, you might want to pursue other options, such as telnet with ssl. To install the ssh server:
sudo apt-get install openssh-server
InstallingSecurityTools (last edited 2008-08-06 16:41:06 by localhost)