A number of powerful tools are discussed here that should be used to scan (probe) your system for vulnerabilities and improper visibility. A vulnerability is a buggy or misconfigured service, such as sendmail, allowing your system to be used to relay spam. An improper visibility is where a service that should be visible only from inside a network (or portion of it) is visible (accessible) from outside it. Samba (NETBIOS) is one possible example of a service that should not be visible from outside one's network. Visibility testing must be done from outside your network, perhaps from your home system or from a friend's system. Most of these tools are used both by SysAdmins to find vulnerabilities in their systems to fix and by crackers to take advantage of those that SysAdmins neglected to fix. It should be considered mandatory to use these tools both initially and periodically, especially after significant reconfigurations, to find problems. The topics covered in this chapter include:
|
Top |