InstallingSecurityTools
|
Size: 3117
Comment: adding a bit more information
|
Size: 2968
Comment: rework installation method, remove cat cleanup
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 3: | Line 3: |
| * '''Ethereal''' - a popular network traffic analyzing tool, that can capture both off the wire and from existing caputure files. It features a helpful GUI to ease analysis. Note: The Universe package adds a menu entry that expects the user to have a root account. To use ethereal in Ubuntu, use sudo in a terminal, or edit the menu entry to use '''gksudo'''. To install: | * '''Ethereal''' - a popular network traffic analyzing tool, that can capture both off the wire and from existing caputure files. It features a helpful GUI to ease analysis. Note: The Universe package adds a menu entry that expects the user to have a root account. To use ethereal in Ubuntu, use sudo in a terminal, or edit the menu entry to use '''gksudo'''. Install the following: |
| Line 5: | Line 5: |
| sudo apt-get install ethereal ethereal-common | ethereal ethereal-common |
| Line 8: | Line 8: |
| * '''Nessus''' - a powerful remote network security auditor, with a nice GUI. Nessus supports plugins and offers a usually current attack database. It also features useful scripting abilities, allowing you to automate many tasks. To install: | * '''Nessus''' - a powerful remote network security auditor, with a nice GUI. Nessus supports plugins and offers a usually current attack database. It also features useful scripting abilities, allowing you to automate many tasks. Install the following: |
| Line 10: | Line 10: |
| sudo apt-get install nessus | nessus |
| Line 13: | Line 13: |
| * '''nmap''' - the standard network mapper. Has a thousand and one uses. To install: | * '''nmap''' - the standard network mapper. Has a thousand and one uses. Install the following: |
| Line 15: | Line 15: |
| sudo apt-get install nmap | nmap |
| Line 18: | Line 18: |
| * '''Etherape''' - an etherman clone. It displays network activity with an intuitive UI. To install: | * '''Etherape''' - an etherman clone. It displays network activity with an intuitive UI. Install the following: |
| Line 20: | Line 20: |
| sudo apt-get install etherape | etherape |
| Line 23: | Line 23: |
| * '''Kismet''' - a wireless sniffing tool. Includes support for GPS map scanning with in use of the gpsdrive package. To install: | * '''Kismet''' - a wireless sniffing tool. Includes support for GPS map scanning with in use of the gpsdrive package. Install the following: |
| Line 25: | Line 25: |
| sudo apt-get install kismet | kismet |
| Line 28: | Line 28: |
| * '''chkrootkit''' - chkrootkit can be used to help determine if a machine has been compromised. While not what you should use for the 'final word' on if you have been compromised, it runs a lot of useful checks and can direct suspicions towards finding a solution. To install: | * '''chkrootkit''' - chkrootkit can be used to help determine if a machine has been compromised. While not what you should use for the 'final word' on if you have been compromised, it runs a lot of useful checks and can direct suspicions towards finding a solution. Install the following: |
| Line 30: | Line 30: |
| sudo apt-get install chkrootkit | chkrootkit |
| Line 35: | Line 35: |
| * '''Seahorse''' - a light-weight Gnome frontend for GPG, makes managing keys much easier. To install: | * '''Seahorse''' - a light-weight Gnome frontend for GPG, makes managing keys much easier. Install the following: |
| Line 37: | Line 37: |
| sudo apt-get install seahorse | seahorse |
| Line 42: | Line 42: |
| sudo apt-get install nemesis | nemesis |
| Line 47: | Line 47: |
| sudo apt-get install tcpdump | tcpdump |
| Line 52: | Line 52: |
| sudo apt-get install openssh-server | openssh-server |
| Line 55: | Line 55: |
| CategoryDocumentation CategoryCleanup | CategoryDocumentation |
The Ubuntu repositories contain several useful tools for maintaining a secure network and network administration. This page attempts to list the most popular and useful of these utilities, a brief description of them, and how to install them.
Ethereal - a popular network traffic analyzing tool, that can capture both off the wire and from existing caputure files. It features a helpful GUI to ease analysis. Note: The Universe package adds a menu entry that expects the user to have a root account. To use ethereal in Ubuntu, use sudo in a terminal, or edit the menu entry to use gksudo. Install the following:
ethereal ethereal-common
Nessus - a powerful remote network security auditor, with a nice GUI. Nessus supports plugins and offers a usually current attack database. It also features useful scripting abilities, allowing you to automate many tasks. Install the following:
nessus
nmap - the standard network mapper. Has a thousand and one uses. Install the following:
nmap
Etherape - an etherman clone. It displays network activity with an intuitive UI. Install the following:
etherape
Kismet - a wireless sniffing tool. Includes support for GPS map scanning with in use of the gpsdrive package. Install the following:
kismet
chkrootkit - chkrootkit can be used to help determine if a machine has been compromised. While not what you should use for the 'final word' on if you have been compromised, it runs a lot of useful checks and can direct suspicions towards finding a solution. Install the following:
chkrootkit
GnuPG - an opensource PGP replacement. Lacks support for IDEA, but is incredibly useful. Included by default. GnuPG will allow you to encrypt emails, digitally sign, and integrates well into the Evolution mail client as well as Thunderbird.
Seahorse - a light-weight Gnome frontend for GPG, makes managing keys much easier. Install the following:
seahorse
Nemesis - a commandline based packet injection utility. Requires a bit of reading the documentation to get full use from.
nemesis
tcpdump - while its name suggests that it works for only TCP, tcpdump also supports UDP, BGP, NFS, and a lot of other packet types. It is a powerful network utility that should be in every admins toolbox, allowing you to pull in everything off the wire. In combination with ethereal it doesn't miss much.
tcpdump
[:SSHHowTo:OpenSSH] - OpenSSH almost singlehandly stopped admins from using telnet, an insecure protocol. The OpenSSH client is installed by default. Generally you want to use SSH instead of telnet or rsh. In some situations, such as large number of clients, you might want to pursue other options, such as telnet with ssl. To install the ssh server:
openssh-server
InstallingSecurityTools (last edited 2008-08-06 16:41:06 by localhost)