2. Agenda
What is network security
Importance of network security
Network security toolkits
Security Tools
1.Snort
2.Ettercap
3.Sam Spade
4.Backtrack
5.Hydra
6.Deepfreeze
3. What is Network Security ?
Network security consists of the provisions
and polices adopted by a network administrator to prevent and
monitor unauthorized access, misuse, modification, or denial
of a computer network and network-accessible resources
7. Snort
→ Developed by Sourcefire, Inc. in 2012
→ Snort is lightweight network IDS or IPS which is used to
detect a variety of attacks and probes
→ Snort have three modes :
1. sniffer
2.packet logger
3.network intrusion detection
→ Snort uses a flexible rule-based language to describe traffic
8. Features
→ Small ,Portable (Linux, Solaris, *BSD, IRIX, HP-UX)
→ Fast and Open Source Software
→ Configurable (Easy rules
language, many reporting/
logging options)
9.
10.
11. Ettercap
→ Ettercap is a tool for network protocol analysis and security
auditing
→ Capable of intercepting traffic , capture passwords, and
conduct active eavesdropping
against common protocols
→ Supports active and passive
dissection of many protocols
12. Features
→ Ettercap offers four modes of operation:
1.IP-Based
2.MAC-Based
3.ARP-Based
4. PublicARP-based
→ Character injection into an established connection
→ HTTPS support
→ Plug-in support
15. Sam Spade
→ Sam Spade utility was authored by Steve Atkins in 1997
→ Sam Spade is a network tool suite, with some extra features
that will enable you to track unsolicited email.
→ The Sam Spade tool acts as a sleuth that finds as much public
information about an IP address or DNS address
→ It integrates the capabilities found in ping, traceroute, time,
whois, nslookup, finger, DIG , etc
16. Features
→ DNS zone transfer
→ SMTP Relay Check
→ Scan Addresses
→ Crawl website
→ Browse web
→ Fast and Slow Traceroute
→ Decode URL
→ Parse email headers
→ Check cancels
17.
18. Backtrack
→ Linux distribution designed for penetration testing, aka
"ethical hacking“
→ BackTrack is a Linux distribution that is security focused and
contains over 300 security tools integrated with a highly
polished user interface
→ current version is BackTrack 5 R3
19.
20. Hydra
→ very fast network logon cracker
→ perform rapid dictionary attacks against more then 30
protocols, including TELNET, FTP, HTTP, HTTPS, MS-SQL,
MYSQL,SNMP, POP3, IMAP etc
21. Features
→ IPv6 Support
→ Graphic User Interface
→ Internationalized support (RFC 4013)
→ HTTP proxy support
→ SOCKS proxy support
22.
23. Deep Freeze
→Developed by Feronics ,Deep Freeze makes computer
configurations indestructible
→Any changes made to a computer are wiped out at the end of
the session
→Provides immunity from:
→Accidental system misconfiguration
→Malicious software activity
→Incidental system degradation
24. Features
→Multiple Thaw Spaces
→Hidden Thaw Spaces
→Improved Console Functionality
→Remote Desktop Control
→Remote EXE & MSI execution
(using PSEXEC)
→New Event Scheduler
→Multiple, daily events now possible
25.
26. Conclusion
No system or network is absolutely secure , as hackers or
many algorithms are there to break passwords and much
valuable information, which leads to a great loss. Hence
network security tools provides the remedy by many ways.