Network security scanners – Wireshark, Snort, Nessus
October 5, 2010 by admin
Filed under Network security
All of us have encountered different problems regarding their network security. Doesn`t matter if you are an individual PC user, a network administrator or you are using the network at your office, I am 100% positive that you have dealt just about a couple of times time with network security related problems.
Either the connection got broken, or like I have got in trouble just minutes ago, everything seemed to work fine, ping was coming back from the DNS service yet there was no internet to be found. That might be a serious internet security problem or even a software vulnerability.
I am going to analyze in this post three network security scanners just to see what do we have out there, and what software cand we count on.
The order i`m going to present the scanners has nothing to do with the actuall function. I choose a random way of presenting these internet security tools.
#1 Wireshark (probably the best network security scanner available)
The initial project started in 1998 and has come now to be the standard in the industry. It can deliever both live capture and offline analysis due to it`s enhanced embedded technologies used. Wireshark is a network security scanner that can run both on Linux, Windows, OS X, Solaris, Free BSD, Net BSD and much more. It features a lot of display filters, VoIP analysis and it can read more than a dozen file capture formats.
The data can be retrieved from Ethernet, ATM, Bluetooth, IEEE 802.11, Token ring, Kerberos, SSL/TLS, WEP, WPA/WPA2 and much more. You can apply a very intuitive markup, with colours so that the packets you`re looking for will “pop-up” instantly. Finnaly you can output the results either to plain text, CSV, XML or PostScript®.
You can download the internet security software here.
#2 Snort (The IDS/IPS free network scanner)
This one is a open source network intrusion preventor created bt Sourcefire that is the most deployed IDS/IPS technology around the world. As a mattor of fact just a few days ago there was a new release for the Snort security scanner, version 2.9.0 has make it to the internet. I`ll mention a few changes for the current version which include: updates to the packet decoder for the IPv6 that improved anormal detections, the ability to drop rules using INLINE TEST MODE, SMTP postprocessor got updated now and supports MIME attach decoding and a few more.
You can download the scanner here.
#3 Nessus (the network security scanner with Iphone support)
This is one of the world leading active scanners software that features configuration auditing, vulnerability analysis, and high-speed discovery profile. It can be used both inside DMZs and across physically separate networks so you won`t have to woory a lot with the architecture of the network itself.
In order to use the Nessus security scanner you have to purchase a 1.200$ / year ProfessionalFeed, that grants you tech support, updates to the vulnerability database and compliance auditing.
You can see the internet security software at work here.
No related posts.
Comments
2 Responses to “Network security scanners – Wireshark, Snort, Nessus”Trackbacks
Check out what others are saying about this post...[...] This is one of the early IP sniffers available on the market before de GUI little brothers like wireshark were born. It requiers less system resources and it is a great tool for tracking network problems [...]
[...] lot of the vulnerability scanners that we have analyzed on our website will be very useful for any user that is concerned with issues [...]