• United States

What hackers can find out about you

Nov 17, 20033 mins
HackingIntrusion Detection SoftwareNetwork Security

Nutter recommends a variety of tools to help you find vulnerabilities in your network

After reading more and more about different systems and companies being hacked and/or compromised, I know there are steps I can take to be prepared and see what hackers will be able to find. Where’s the best place to start?Web site. Although this is meant as a resource to the companies and agencies in the state of Kentucky, it’s a good place to start. This checklist and downloadable tools will give you a foundation. Don’t worry if you don’t have any Linux experience, all the tools shown there run on Windows.Steganos’  All About Hacker Tools. For around $50, you can get a CD with some of the same utilities hackers will use to find where you’re vulnerable. What you get here can be found on the Internet but buying it saves you the trouble of searching for everything. Steganos has done a good job of putting together a CD that walks you through the different kinds of problems you may find, plus you also have the certainty that you aren’t picking up any viruses or Trojan horses to infect your machine or others. Especially with the applications on this CD, management should at least have a basic understanding of what you’re doing and testing for and give their permission to do so.Nessus. This package requires a Linux box to run the server daemon on but you can run the scans from a Windows client. Nesses is continually being updated (sometimes daily) and can test for vulnerabilities and configuration problems that could leave you exposed. Read this Web site carefully and you’ll find information that tells you how to use Nessus in more detail.

 – Via the internet

Before starting anything in this area, move carefully and slowly. Understand exactly what you’re going to do and what could happen before you start. Make sure management understands that part of your testing for vulnerabilities in the network could cause disruptions in service. I’m not trying to paint a really dark picture but management needs to understand that in order to find a problem you might accidentally cause one. That should only happen with some of the more advanced tools you’ll run across, but they should be aware it could happen and give their permission for the testing.

A good place to start is this 

When you’re ready to move onto the next level, you can look at a product such as 

One tool I would be remiss in overlooking is