-- Doc14, "Auditing tools".

Auditing tools enable automatic assessment of a networks vulnerability level. These tools are used by Hackers to size up a network and so should also be used by Administrators to check that systems are configured correctly.

Here are some tools and their URLs. UKCERT recommends testing these tools in a low risk environment before using them on a production facility. A good idea is to load the tool into VMWare or UML (user mode Linux) and then use the application on your lab/test network whilst watching what the application does (use firewall alerts and packet sniffing). When using free third party auditing tools there is a danger that you may be downloading malware that can act as a backdoor to a hacker hence the need to check the MD5 hash of the application for integrity and monitor the actions of the application. However these applications below are well recognised and widely so can be used with more confidence than a completely untrusted application.

Auditing tools- Nessus http://www.nessus.org/

Saint http://www.saintcorporation.com/products/saint_engine.html

Sara http://www-arc.com/sara/

nmap http://www.insecure.org/nmap/

ethereal http://www.ethereal.com/

cheops http://cheops-ng.sourceforge.net/

These are the main tools, though there are some more
specialised tools for advanced use..















All text is available under the terms of the GNU Free Documentation License.