Choosing the Best Free Network Security Tools
With all of the systems you need to manage as a network or security administrator, you’ll need a robust set of tools to ensure your network is secure and safe from attackers. We’ll cover free network security tools that scan for vulnerabilities, packet sniffing, network mapping, wireless scanning and password cracking. Although there are many options for each category of tool, I’ll just talk about some of the more popular tools. For a comprehensive list of network security scanning tools, check out the “Sectools.org” website.
Vulnerability scanning is one of the most important tasks you can do to ensure your network stays secure. Vulnerability scanners scan a set number of hosts looking for any number of vulnerabilities – looking for anything from database, web or Operating System vulnerabilities. One of the better vulnerability scanners is Nessus, but be aware that the free version is only available for home networks – not commercial networks. Nessus scans hosts against a database of over 34,000 (and growing) vulnerabilities. It’s easy to use and is very frequently updated. You can read more about Nessus in my article “How to Perform a Vulnerability Scan Using Nessus”. Nessus can be downloaded from here. For smaller organizations running primarily Microsoft products (Windows, SQL, Exchange, IIS), the Microsoft Baseline Security Analyzer (MBSA) may be a good tool to use. This free tool will scan your network for missing patches and insecure configurations for most enterprise Microsoft products. MBSA can be downloaded here.
The ability to visually inspect the data being passed across your network can be an invaluable tool in troubleshooting networking issues. The gold standard for protocol analyzers is Wireshark (formerly Ethereal). Wireshark can capture live data streams and allow you to see the raw data in real-time or by loading a packet dump and filtering it as desired. Wireshark can be downloaded here.
Network mapping is useful for allowing you to enumerate the devices on your network along with the services they are running. A great tool to help map your network is NMAP. NMAP can be set to scan a subnet or set of machines and will report on how many are available and what ports are open and listening on those machines. For example, NMAP can help you easily determine which machines are running Databases or Web Servers on your network. NMAP can be downloaded from here.
Scanning for rogue wireless devices should be done on a regular basis. If you have one of your users come in and set up an unsecure wireless access point running off your corporate network you have a pretty serious security issue. A tool like Kismet (available here) can help you scan for wireless devices. Kismet can also act as a wireless packet sniffer and intrusion detection system. Kismet passively collects data using your wireless card and can even alert you if the data it detects appears to be an attack on your wireless network. This is a must have for any organization with a wireless network in place.
Although Password Cracking isn’t so much a “network security” scanning tool, it is useful to run password cracking tools to help assess password strength. One popular password cracking tool is Cain and Abel. Cain and Abel allows you to perform brute force, hash based and dictionary attacks. If you don’t enforce strong passwords on your Windows domain, it may be shocking to you how easy it is to crack some of the domain passwords people use. These are just a few of the many free network security tools available out there. Hopefully you’ll start building your own toolbox. Feel free to leave a comment with any others you think would be worthwhile adding to the list.