Good Survey Session of Network Security Software @MacITConf – Part 2

This is a continuation from Part 1.

 

Network utilities

Crypto

Network security manager (NSM)

  • Network mapper (Nmap): a security scanner originally written by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich) used to discover hosts and services on a computer network.
  • Zenmap: the official Nmap Security Scanner GUI. It is a multiplatform (Linux, Windows, Mac OS X, BSD, etc.) free and open source application that aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users.
  • IPNetMonitorX: a network troubleshooting toolkit for debugging Internet service problems and optimizing performance.

A good reference on the subject mentioned by O’Donnell is Richard Bejtlich: The Practice of Network Security Monitoring: Understanding Incident Detection and Response.

Vulnerability scanning

Network intrusion detection system (NIDS) and sniffers

Packet capture (Pcap) and analysis

  • Tcpdump: native in OS X and available as libpcap.
  • Frameseer: an inexpensive network packet capture application for the Apple Macintosh; a “universal binary” that runs on Mac OS X 10.4.5 (Tiger) or later; owned by Logosys.
  • Wireshark: a network protocol analyzer for Unix and Windows.

Log aggregator

Security information and event management (SIEM) is an approach to security management that seeks to provide a holistic view of an organization’s information technology security.

  • Splunk: offers the leading platform for operational intelligence.
  • Elastic: Elasticsearch has three open source projects (Elasticsearch, Logstash, and Kibana) designed to take data from any source and search, analyze, and visualize it in real time.
  • ELSA: a centralized syslog framework built on Syslog-NG, MySQL, and Sphinx full-text search. It provides a fully asynchronous web-based query interface that normalizes logs and makes searching billions of them for arbitrary strings as easy as searching the web. It also includes tools for assigning permissions for viewing the logs as well as email-based alerts, scheduled queries, and graphing.

Pen testing (penetration testing)

CSOOnline: CSO provides news, analysis, and research on a broad range of security and risk management topics.

  • Nessus: see above
  • Nmap: see above
  • Metasploit: see above
  • Kali Linux: advanced penetration testing Linux distribution used for pen testing, ethical hacking, and network security assessments

Wi-Fi tools

  • KisMAC: a wireless network discovery tool for Mac OS X. It has a wide range of features, similar to those of Kismet (its Linux/BSD namesake).
  • NetSpot: the only professional app for wireless site survey, Wi-Fi analysis, and troubleshooting on Mac OS X.
  • Net monitor: a network utility for the rest of us. Graphs network activity of local and remote computers. Records traffic activity. Calculates total traffic between dates. Measures traffic speed. Highly customizable.
  • Sidekick: an application that automatically updates your laptop settings based on where you are.
  • IPNetMonitorX: see above

Summary

The presentation was tailored towards the Mac OS X community, but it was useful for people who don’t use Macs.

Finally, O’Donnell gave the following references for further study.

  • Wikipedia
  • SANS: The SANS Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world.
  • Open Web Application Security Project (OWASP): The Open Web Application Security Project is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software.
  • ISACA: As an independent, nonprofit, global association, ISACA engages in the development, adoption, and use of globally accepted, industry-leading knowledge and practices for information systems.
  • Black Hat: The most technical and relevant global information security event series in the world, for more than 16 years Black Hat has provided attendees with the very latest in information security research, development, and trends in a strictly vendor-neutral environment.
  • Securosis: Securosis is an information security research and advisory firm dedicated to transparency, objectivity, and quality.
  • Krypted.com

Zen Kishimoto

About Zen Kishimoto

Seasoned research and technology executive with various functional expertise, including roles in analyst, writer, CTO, VP Engineering, general management, sales, and marketing in diverse high-tech and cleantech industry segments, including software, mobile embedded systems, Web technologies, and networking. Current focus and expertise are in the area of the IT application to energy, such as smart grid, green IT, building/data center energy efficiency, and cloud computing.
