System and network security scanners

There are many security scanners in market to test the security of your computer system. These scanners not only finds out the security issues but also suggestions actions to fix them. Read the article to know about such system and network security scanners.

There are plenty of security scanners which you can use in order to test the security of your computer system. Many of these scanners list the security threats and also suggest actions on how to fix them. Others fix them automatically. Following are some system and network security scanners:

System security scanners

These scanners determine insecurities like bad file permissions, old software versions and insecure configurations which allow local users to gain unauthorized privileges. System scanners inform when any problem is found. They only offer suggestions on how to fix the problem. A system scanner can't fix problems automatically.

Use simple find command
List all the 'set group id' and 'set user id' programs on the system as these are common source of break-ins. If there is a program which is of no use to you, remove it. There are programs available on net which scan your file-system for such programs and send their list via email. Note that a hacker who has broken in can easily manipulate the reports. So, it is advisable that you keep checking manually whether the reports are accurate or not.

Use Computer Oracle and Password System (COPS)
Though COPS is postdated now, it is still an efficient scanner. Its tools track set group id and set-user id binaries and check weak passwords or password file errors. It gives detailed information but it should not be used as the sole scanner on your system.

Texas A&M University's (TAMU) Tiger
Tiger also checks for the local security problems. Like COPS, it checks most of the things including intrusion signs, weak passwords, password file sanity and bad permissions in disk device. In addition to this, Tiger performs networking port verification, send mail checks and embedded path name checking.

GNU Tiger
GNU Tiger is the updated version of TAMU Tiger. You can run it to see the changes in your system that can be threats to the security. It can be run in the same way as the original Tiger version is run. The syntax is given below:

machine# tax xzvf tiger-3.0.tgz
machine# mkdir /var/run/tiger
machine# mkdir /var/log/tiger
machine# ../tiger

Named after a planet, Nabou is basically used as a file integrity checker. Unlike most tools, Nabou allows encrypting the database in which check sums are stored, making it difficult for hackers to change database entries. If you want to add your own tests, embed Perl code to the configuration.

Linux Security Auditing Tool (LSAT)
This scanner is available online and it allows you to add your own tests. Just download it and compile it with the following syntax:

jdoe$ tar xvzf lsat-VERSION.tgz
jdoe$ cd lsat-VERSION
jdoe$ ./configure
jdoe$ make

After compilation, run:

root# ./lsat

This will give you an easily readable report of all changes in system configuration.

Network security scanners

These scanners determine network accessible insecurities that can allow hackers to control your system. You can scan your machine and easily resolve the security issues.

Internet Security Scanner
This scanner is very complex. It was the first publicly available network scanner. It checks anonymous FTP and default login accounts, scans the port to show what services are open on the system and performs other functions. It is not much used these days as more simple scanners are now available in market.

Security Administrator's Tool for Analyzing Networks (SATAN)
SATAN is a very old scanner. It is used by hackers as well as administrators to decide what security changes are needed. The scanner not only tells the problems found in the network but also suggest actions needed to fix them. Security Administrator's Integrated Network Tool (SAINT) and Security Auditor's Research Assistant (SARA) are the updated models of SATAN. SAINT is available online.

Nessus is a very powerful and updated network scanner. It has its own programming language, Nessus Attack Scripting Language (NASL) which is known for making powerful attacks with minimal coding. Some of its most advanced features are multiple reporting formats, multiple authentication options and plug-ins that work cooperatively. It is available online and is free of any cost. Nessus is the most preferred network scanner in market due to its performance, features and zero price.

The above stated network scanners are rated below on a score of 10. Clearly, Nessus stands out to be the winner.


Read Lucent Managed Firewall - A dedicated firewall for network security

Related Articles

Introduction to Network Security

In this article, we will introduce ourselves to what kind of threats are prevalent on networks around the world. Understanding the kind of threats that affect networks is the first step towards securing a network from malicious attacks.

More articles: Network Security Internet Security Internet Security


No responses found. Be the first to comment...

  • Do not include your name, "with regards" etc in the comment. Write detailed comment, relevant to the topic.
  • No HTML formatting and links to other web sites are allowed.
  • This is a strictly moderated site. Absolutely no spam allowed.
  • Name: