A Brief History of Security Tools

The tools described in this chapter are designed to search for vulnerabilities. They can be used by security administrators to find and fix problems or by hackers to exploit system and network weaknesses. Vulnerability assessment tools have been around for a while. Dan Farmer and Wietse Venema helped start this genre of software in 1995 when they created one of the first vulnerability assessment programs called Security Administrator Tool for Analyzing Networks (SATAN). This program set the standard for many tools to follow; it made it possible to scan for vulnerable computers through the Internet and provided a variety of functions in one package. Although SATAN was a great tool for security administrators, it was also useful to hackers.

Today, there is an untold number of tools that can be used to scan for vulnerabilities and probe for "open doors." Some of these are legitimate security tools and others have been written by hackers or those without the best of intentions. As a security professional, you will probably want a keep a variety of these tools handy. Just make sure you have written authorization before using them on a network.

Introduction to Assessing Network Vulnerabilities

Foundations and Principles of Security

Why Risk Assessment

Risk-Assessment Methodologies

Scoping the Project

Understanding the Attacker

Performing the Assessment

Tools Used for Assessments and Evaluations

Preparing the Final Report

Post-Assessment Activities

Appendix A. Security Assessment Resources

Appendix B. Security Assessment Forms

Appendix C. Security Assessment Sample Report

Appendix D. Dealing with Consultants and Outside Vendors

Appendix E. SIRT Team Report Format Template



Inside Network Security Assessment. Guarding your IT Infrastructure
Inside Network Security Assessment: Guarding Your IT Infrastructure
ISBN: 0672328097
EAN: 2147483647
Year: 2003
Pages: 138

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net