Respond to the below two student discussions with 150 words minimum. Questions they are answering are in bold.
If you were tasked with assembling a ‘toolkit’ using only free or open source tools to perform a network security assessment:
(1) What software applications or “tools” would you use?
(2) What platform (Operating System) would you use?
(3) How does this toolkit differ from the one you would use for an application security assessment or a wireless security assessment? You can list other types of related assessments if you know how you might adjust for the given scenario.
Good evening class,
Welcome to week 3. This week we have been asked a few questions about getting together a toolkit of open source software that we would put together to perform a network security assessment. While reading up on some open source software that I could use, I came across one that I have used before. I have used Wireshark. I like that it makes it possible to get into the packets and see what they are running. This is one application that I would put into use in my toolkit. I think that I would also have to use Snort. According to sectools.org, this tool “detects thousands of worms, vulnerability exploit attempts, port scans, and other suspicious behavior” (Sec). I would also use Paros proxy. I think that it is important to have a proxy in place for the network. I think that I would have to use Linux as an operating system since it can be easier to lock down when needed. All of the tools that I have chosen have specific uses. There needs to be a multitude of different tools that need to be used to properly secure the network. While you add the complications of wireless networks, you will have to use new tools to incorporate them into a wireless network. Although there are many different tools out there that are open source, it is a good idea to find some pieces that would need to be paid for. I definitely would want a firewall.
SecTools.Org Top Network Security Tools. (n.d.). Retrieved from https://sectools.org/
Over the years I’ve had the opportunity to use some interesting tools for testing and troubleshooting security features of digital networks. From inspecting firewalls, to testing Wi-Fi hardening, and all the networks in between, these are just a few of the ones that I have used.
To start with, a network analyzer is an invaluable tool that is usually handheld and can be plugged into the network via a standard RJ45 connector. Once connected, this tool can tell you what VLAN your network segment is on, what the speed and duplex settings of the switchport are, and whether the network drop is actually turned on or not. All of this data is very important to a network security employee. If you have a network cable that is “hot” but doesn’t need to be, you can identify it and turn it off. If you have a network segment on the wrong VLAN, data can potentially be accessed by unauthorized personnel. Finally, if your speed and duplex settings are wrong, then users can experience severely degraded networking speeds.
A network sniffing tool such as Wireshark is another good tool for inspecting network security. This tool will show you what data is being passed, where it is going, and who is passing it. By capturing all the data on your network in real time, this tool can allow you to granularly assess threats to your network. By setting a slew of search parameters, you can potentially identify failed IPSEC connections, DHCP DORA process failures, TELNET unencrypted password and username use, and several other security flaws or networking failures.
Lastly, a good Wi-Fi sniffing tool such as Aircrack-ng will let you conduct a survey of wireless networks in your area. This tool displays a slew of information about all the broadcasted and hidden Wi-Fi networks. Such data includes the SSID, security type, MAC address of devices connected to the network, and the signal strength of the Wi-Fi signal.
These are just a few of the tools that I have personally used over the years.
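The DHCP DORA failures mentioned in the post above can also be found by script once the DHCP payloads are exported from a capture. The following is an added example, not part of the student's post: it parses the BOOTP header and option 53, groups messages by transaction ID, and reports exchanges that never reached an ACK. The function names and the sample packets are constructed for illustration.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"   # DHCP magic cookie that follows the 236-byte BOOTP header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE", 5: "ACK", 6: "NAK"}
DORA = ["DISCOVER", "OFFER", "REQUEST", "ACK"]

def parse_dhcp(payload):
    """Return (xid, message type name) for a UDP payload, or None if it is not DHCP."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        return None
    xid = struct.unpack("!I", payload[4:8])[0]
    i = 240
    while i < len(payload) and payload[i] != 255:    # 255 = end option
        if payload[i] == 0:                          # pad option has no length byte
            i += 1
            continue
        length = payload[i + 1] if i + 1 < len(payload) else 0
        value = payload[i + 2:i + 2 + length]
        if payload[i] == 53 and len(value) == 1:     # option 53 = message type
            return xid, TYPES.get(value[0], "UNKNOWN")
        i += 2 + length
    return None

def dora_failures(payloads):
    """Map xid -> reason for each transaction that did not complete DORA."""
    seen = {}
    for p in payloads:
        parsed = parse_dhcp(p)
        if parsed:
            seen.setdefault(parsed[0], []).append(parsed[1])
    failures = {}
    for xid, msgs in seen.items():
        if "NAK" in msgs:
            failures[xid] = "server sent NAK"
        elif "DISCOVER" in msgs:   # renewals start at REQUEST, so they are skipped
            missing = [m for m in DORA if m not in msgs]
            if missing:
                failures[xid] = "stopped before " + missing[0]
    return failures

def build(xid, msg_type):
    """Constructed sample packet: minimal BOOTP header plus option 53 only."""
    op = 1 if msg_type in (1, 3) else 2              # 1 = client request, 2 = server reply
    head = struct.pack("!BBBBI", op, 1, 6, 0, xid) + bytes(228)
    return head + MAGIC + bytes([53, 1, msg_type, 255])

SAMPLE = ([build(0xA1, t) for t in (1, 2, 3, 5)]     # complete exchange
          + [build(0xB2, 1)]                         # no server answered
          + [build(0xC3, t) for t in (1, 2, 3, 6)])  # request refused
```

Calling `dora_failures(SAMPLE)` flags the unanswered DISCOVER and the refused REQUEST while leaving the completed exchange out of the result.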