Security Tools/Auditing
Wireshark
Wireshark Download
Wireshark is a free network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, viewing summary and detail information for each packet. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.
Snort
Snort Home Page
Winsnort Downloads
Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. This is the software package that is used to gather information from the network.
SysTest
http://www.uri.edu/security/app/systest.bat
URI Homemade self-help .bat system auditing file.
Vision
Vision
Foundstone's Vision reports all open TCP/IP and UDP ports and maps them to the owning application. This is the same information you would see using the 'netstat -an' command, but it also maps those ports to running processes with the PID, process name and path. Fport can be used to quickly identify unknown open ports and their associated applications.
TCPView
TCP View for Windows
See all open TCP and UDP endpoints. On Windows NT, 2000 and XP, TCPView even displays the name of the process that owns each endpoint. Full source to the command-line version of this tool, netstatp, is included.
Big Brother
Big Brother Download
Big Brother monitors System and Network-delivered services for availability. Your current network status is displayed on a color-coded web page in near-real time. When problems are detected, you're immediately notified by e-mail, pager, or text messaging.