What free security tools for Microsoft networks would you always have in your toolkit?
What free network security tools have you found that actually work and you would never leave home without?
Good Answers (4)
David F.
Network Engineer at TruEdge Communications
Best Answers in: Computer Networking (7), Telecommunications (2), Computers and Software (1), Information Security (1)
The above is a pretty comprehensive list and includes all in my professional kit (as well as a couple I will be investigating!) but, if you want to know what I carry on my USB key in my pocket for use when lassoed by friends and family whose Windows desktop/laptop has begun acting "oddly", here's a partial list:
Malwarebytes Anti-Malware
CCleaner
Spybot Search & Destroy
Avast! Antivirus
AVG Free Antivirus
ClamWin
HijackThis!
F-Secure BlackLight
Firefox & NoScript Plugin
ResetDMA.vbs
Rootkit Revealer
RunAlyzer (from Safer Networking)
The first three are my primary tools, the others for when things get deeper or they have no Anti-Virus at all installed.
Michael S.
VP of Network Engineering at EdgeCast
Best Answers in: Computer Networking (20), Telecommunications (5), Information Security (2), Wireless (2), Computers and Software (1)
1) Nessus - great scanning for general vulnerabilities. We purchase the live feed, although there is a time-delayed, free feed available.
2) Paros - SQL Injection scanning tool
3) OSSEC - Windows file integrity checking and log analysis. We use this with Open Source Security Information Manager, but that's Unix based.
4) Microsoft Baseline Security Analyzer - to tell you where you have issues in best common security practices (passwords, user accounts, etc.).
5) Microsoft Security Configuration Wizard - for assistance in creating good server security policies. Note: you have to be really careful because this tool can be a bit heavy-handed in what it does, so make sure you have a revert-to copy before you apply the Wizard's XML.
6) As soon as Microsoft releases its free Virus tools, they will go in there as well.
Regards,
Mike
Bryan M.
Owner and Penetration Tester @ Syrinx Technologies LLC
Best Answers in: Information Security (5), Telecommunications (2), Small Business (1), Computers and Software (1)
I'll add this to Michael's list:
1. Nmap - port scanner
2. Nikto.pl - web server scanner
3. N-Stalker (the free version) - web server scanner
4. URLScan - Microsoft tool to harden IIS
5. nbtscan - Get good info out of Microsoft networks
6. tnscmd.pl - Great script for getting SIDs from Oracle
7. SQLDict - test Microsoft SQL server passwords
8. Cain/Abel - more things than I can count
9. Wireshark - packet capture
10. SamSpade - various DNS and other tools
11. Teleport Pro (free version) - snag a copy of a web server for analysis
Gosh, this is really hard...I use well over 100 tools...most of them free.
Clarification added June 23, 2009:
Throw in:
1. IPSecScan
2. IKE-Scan
3. IKE Probe
All great tools for analyzing IPSEC-based VPNs.
Oh yeah, lest I forget my buddy Sandro.
1. SIPVicious tool suite - VoIP testing
Dial-a-fix - resets registry permissions from virus attacks
SafeXP - disable services and more
XP-Antispy - many options to disable MS "features"
Airsnare - create a fake access point to detect intrusion attempts
Heidi Eraser - wipe files from hard drive
PC Inspector File Recovery - you might need this if it's too late
Port Query 2 - from MS can detect filtered ports
Autoruns - see almost everything that loads automatically - comprehensive
Putty - SSH client and more
Finjan Secure Browsing - check TinyURL and Bitly links for malware automatically, only works in web browsers
Asterisk Logger - see behind the **
ophcrack - open source L0phtcrack
SUPERAntiSpyware - already mentioned
plus nmap, wireshark, netstumbler, ccleaner, avgfree, spybot, malwarebytes, wot, various foundstone tools
Knoppix can do many things related to security and recovery.
More Answers (6)
Other tools...
- Snort
- NetCat
- Metasploit framework
- THC Tools
- Some Live CD like BackTrack or nUbuntu
Best regards!
JRB
Ross D.
IT Manager/Digital Forensic Investigator at Keith Borer Consultants
Best Answers in: Lead Generation (1), Business Analytics (1), Enterprise Software (1), Computers and Software (1)
Definitely HijackThis, it's a valuable tool.
Spybot S&D to clean the PC up.
AVG Free in case there is no antivirus or a problem with it.
That's the big three, which can get to the bottom of most problems if you know where you are looking, but there are some other good tools suggested here. Wireshark is good for connection issues, Malwarebytes Anti-Malware is a nice tool, and Live Linux CDs are great for the big problems. It just depends on the situation.
I've always been intrigued by Metasploit mentioned by someone else, but never had cause to use it. Also many antivirus programs flag it as malware, because it contains tools that could be viewed as hacking tools.
Russ K.
Security Engineer at T-Mobile
Best Answers in: Information Security (3), Telecommunications (1), Web Development (1), Wireless (1)
SysInternals Suite (Microsoft)
System Information Collector (Trend Micro)
These are all great tools. I'd second all of them and add:
Knoppix Live CD
Your own customized and tweaked PE CD
Putty
NST (VMWare appliance or the Live CD)
TRK
Stinger
sysclean
Clarification added June 23, 2009:
I'd add Super Anti-Spyware (probably one of the best clean-up programs out there)
Many of the already suggested...plus
ComboFix
AVGFree
Terry V.
Consultant at Open Systems Specialists
Best Answers in: Information Storage (5), Computers and Software (4), Enterprise Software (1), Computer Networking (1), Databases (1), Information Security (1), Web Development (1)
Hi
Michael and the others have listed great tools, but I also like to automate/detect before and whilst it is happening, as well as fix.
I never leave home without these, look at the free tools for download listed at the bottom of the page.
The toolsets and LanSurveyor (Maps your network/devices into Visio for you) are just great.
Nessus is also brilliant.