RSS
|
|||||||||||||||||||
  Holy Intruders!: IP-Based Security Auditing Tools | |||||||||||||||||||
|
By Greg Shipley
Staying on top of the latest holes and attacks to hit any single OS is becoming practically a full-time job. If your network includes half a dozen OSes and a few router platforms, it's enough to make even a superhero's head spin. The solution lies not in a skintight bat suit or an all-encompassing firewall, but in a set of next-generation security utilities, such as the security scanners we examined for this review. Evolved from tools such as Farmer and Venema's SATAN and Klaus' ISS, these packages take a snapshot of your network security setup, then use internal checks and patterns to poke and prod at designated hosts, searching for holes or misconfigurations. We tested four security scanners across multiple sites: Cisco Systems' NetSonar Vulnerability Scanner and Network Mapping System 1.0, Internet Security Systems' (ISS) Internet Scanner 5.0, NETECT's Netective Site 1.0 and Secure Networks' Ballista Security Auditing System 2.4. We were quite impressed by the overall functionality of these security scanners, however, we were also painfully aware of their immaturity. Each product was particularly strong in at least one area while falling short in several others. Netective was the only product that addressed binary integrity issues and provided truly efficient updates. But Netective and Internet Scanner had cumbersome licensing issues, and most of the reviewed products' reporting mechanisms were inflexible. If only we could combine Internet Scanner's interface and depth of reporting with Ballista's checks and flexibility, Netective's groundwork for push updates and integrity checking, and NetSonar's reporting flexibility, we would have something special. Internet Scanner receives our Editor's Choice award for one simple reason: It found the holes we were looking for--and detected some we didn't know about--more accurately than the other scanners. Internet Scanner included the most comprehensive set of NT checks, ranging from base denial-of-service checks to "getadmin" vulnerability inspection. It also hacked away at passwords that intruders could easily guess. With a healthy range of Unix checks, low-level IP tests and some knowledge of VAX/VMS holes, Internet Scanner is a very well-rounded product.
|
|
|
|
Setting Up Our Testing Environment 
The Security Scanning Tools Features charts, in Acrobat format.
Secure E-Mail Clients: Not Quite Ready For S/MIME Prime Time. Stay Tuned. February 1, 1998 Old And New Novell Services Combine For A Clutch Hit In The Internet Rally February 15, 1998 RFP: Security Services April 1, 1998 PGP Grows Up April 15, 1998 Fourth-Annual Well-Connected Awards May 15, 1998 Six Biometric Devices Point The Finger At Security June 1, 1998 RFP: VPNs Across Multiple Sites July 1, 1998 Seven Web Load Balancers Score With Round the Clock Access By Greg Yerxa  Print This Page |
|||||||||||||||
 |
|||||||||||||||||||
our customizable newsletter, sends you security alerts, product updates and software patches on the products you use. Sign up now at 
To view the Report card.Best of the Web
Data deduplication: Declawing the clones
Data deduplication is emerging as a critically important new arrow in the storage administrator's quiver to answer hard questions about the increasing problem in storage growth costs.
Compression, Encryption, Deduplication, and Replication: Strange Bedfellows
One of the great ironies of storage technology is the inverse relationship between efficiency and security: Adding performance or reducing storage requirements almost always results in reducing the confidentiality, integrity, or availability of a system.
WAN Optimization Whitelists and Blacklists
Optimization is a fantastic way of saving money and creating really happy customers at the same time, but it doesn't work flawlessly for all applications.
WAN Optimization as a Managed Service: It's Not About the Cost
This insight examines how organizations outsourcing their WAN optimization initiatives to a third-party go about achieving their goals for application performance, reducing operational costs, and streamlining enterprise infrastructure.
