Chapter 2. The Tools Required
This chapter describes the operating systems and some key tools required to undertake an IP-based network security assessment. Many advanced TCP/IP assessment utilities are available only for Unix-based systems such as Linux, so you will often find that a competent security consultant uses a variety of tools under different operating systems to assess and successfully penetrate a network. These tools and their respective uses are discussed in detail throughout the book, and they are listed here so that you can select and start to prepare your assessment platform before moving forward.
All tools listed in this book can also be found in the O’Reilly archive at http://examples.oreilly.com/networksa/tools. I have listed the original sites in most cases so that you can freely browse other tools and papers on each respective site.
The Operating Systems
Selecting the operating platforms to use during a network security assessment depends on the type of network you are going to test (e.g., completely Microsoft Windows), and the depth to which you will perform your assessment. Often it is the case that to successfully launch exploit scripts against Linux or Unix systems, access to a Unix-like platform (usually Linux or BSD-derived) is required to correctly compile and run specialist exploit tools. What follows is a discussion of the operating systems that are commonly used.
Windows NT Family Platforms
As Windows NT systems (NT 4.0, 2000, XP, 2003 Server, etc.) start ...
Get Network Security Assessment now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
