Announcement

Collapse
No announcement yet.

Favorite software

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • russ
    replied
    Originally posted by octalpussy
    I checked out Languard, and I agree with Medic... you're comparing Languard to the wrong tool. Nmap is just a simple port sniffer. That's all it's designed to be.

    On the other hand, what does Languard do that Nessus doesn't?
    As a side note, did you know that the author of Nessus now works with Ron Gula (author of Dragon IDS) at a new company called Tenable Networks?

    Just thought I'd throw that out there. They have a new vulnerability assessment tool that they've just starting marketing. There's also a whitepaper from Ron about their ideas in our last Security Journal. http://www.securityhorizon.com/journal/winter2003.pdf

    Leave a comment:


  • octalpus
    replied
    I checked out Languard, and I agree with Medic... you're comparing Languard to the wrong tool. Nmap is just a simple port sniffer. That's all it's designed to be.

    On the other hand, what does Languard do that Nessus doesn't?

    Leave a comment:


  • t3mpt3r
    replied
    technically, the version i have is not a 'for-sale' version. it is their free version, which is a .02 versions older or something like that.

    it wouldn't be pirated. it was free from them.

    -t

    Leave a comment:


  • blackwave
    replied
    Originally posted by t3mpt3r
    if noone can find it for free, and want to play with it, when i get off, i'll throw it on my site. let me know.
    Please do not offer pirated software to these forums...

    Feel free to check out the trialware here:

    GFI LANguard Network Security Scanner 3.0
    GFI LANguard Network Security Scanner 3.1 (beta)

    http://www.gfi.com/downloads/downloa...=8&vid=1&lid=1

    Leave a comment:


  • t3mpt3r
    replied
    languard is nmap on steriods. i love linux, and use slack for everything i can, but at work sometimes i just don't have a choice.

    languard does the port scanning (range or single ip) just like nmap, but it goes beyond that, it shows domains, users, groups, hotfixes, service packs, known vulnerabilities, open shares, snmp, etc..

    if noone can find it for free, and want to play with it, when i get off, i'll throw it on my site. let me know.

    -t

    Leave a comment:


  • Medic
    replied
    nmap and LANguard are two completely different tools. LANguard should be compared more to Nessus, Saint, Satan, or Sara.

    --Medic

    Leave a comment:


  • converge
    replied
    Originally posted by t3mpt3r
    nmap gives no information in comparision to languard.
    Could you expand on that more? I am curious because I haven't had the opportunity to play with LanGuard yet, but hear good things about it. What specfic things does it report compared to nmap that cause you to like it more?

    Leave a comment:


  • apprentice
    replied
    This thread is really great! I'm a newbie and just got Linux running on my laptop. It is really interesting to read what you guys like and why. I've heard of most of them. I've downloaded Ethereal for WinXP but have yet to learn how to use it. Too busy playing with linux:D

    Mr Newbie will go back to lurking now.

    Leave a comment:


  • octalpus
    replied
    Originally posted by t3mpt3r
    nmap is nice, but by no means should it be considered the best. products such as gfi's languard scanner is by far a better and more useful product, but alas, it is no longer free (shouldn't be a problem for any capable people reading this.). But, the biggest downside is that it's m$ only.

    with that software alone, i made many new friends at X, poor bastards thought nmap was the king of scanners. nmap gives no information in comparision to languard.

    -t
    I think you mentioned the key words... "not free" and "M$ only". Like I said, I think a lot of people use nmap more of out habit than anything. For me, it gives me what I need the most, it's free, and it's well supported on the platform of my choice.

    Leave a comment:


  • t3mpt3r
    replied
    nmap is nice, but by no means should it be considered the best. products such as gfi's languard scanner is by far a better and more useful product, but alas, it is no longer free (shouldn't be a problem for any capable people reading this.). But, the biggest downside is that it's m$ only.

    with that software alone, i made many new friends at X, poor bastards thought nmap was the king of scanners. nmap gives no information in comparision to languard.

    -t

    Leave a comment:


  • converge
    replied
    These don't fit as most used, but most impressing to me per explanations

    Rafale X (win32,tcpip,free) - A nice lazy way for building, scripting, and sending out packets in Windows for penatration testing, testing stuff under dev, or just having fun on a network.

    Log Monitor (win32,monitor,free) - Almost like a tripwire for Windows, allows you to track file changes, deletions, basically anything in that area, and perform some type of event based on it, whether sending an admin message, running a program, or script.

    Superscan (win32,scanner,free) - Port scanner, name lookup, warpinger... I love nmap to death, but for some reason in win32 I stick with this program as a quick graphical way of getting it done.

    Ethereal (win32/linux,sniffer,opensource) - I just can't find one better for Windows in my opinion. I've tried sniffer pro and didn't care for it. Of course there are more options for nix, but this just gets the job done when in a Windows only environment.

    Tiny Personal Firewall (win32,firewall,free) - This is simply the cleanest, lightweight, unintrusive firewall that I've been able to find for Windows without getting into commercial software. The fact that it will let you configure accept/deny rules by port/ip/etc is more than I have seen in a lot of other win32 software firewalls.

    Leave a comment:


  • russ
    replied
    fpipe

    Anybody here ever use "fpipe" from Foundstone?

    GREAT tool! Let's you pipe information from a compromised box into the internal network and back again. So if there is NAT or something else in the way of you taking the internal side, it helps there.

    Leave a comment:


  • Medic
    replied
    Long time since I posted..
    Its simple, and free.

    tcpdump - looking for rogue traffic, logging traffic for analysis or evidence, or generating a baseline for statistics.

    ethereal - replaying tcp sessions, also see above.

    ngrep - looking for a specific string coming through a transparent bridge? use ngrep. GREAT for looking for automated worms, since you can identify a string. Also used for looking for stacheldracht and other sorts of traffic.

    telnet/netcat - connect to any port on any machine, and send data. I combine the two, because he only wanted 5. :) a netcat listener on a remote computer also makes a good place to log forensic data to if you don't want to alter the data on a running machine.

    iptables - with a patch, does packet level string matching. awesome for transparent bridges and routers where you want to block packets that contain strings such as "X-KaZaa", or "GNUTELLA CONNECT"...

    I'll also mention the dsniff suite, but thats not related to securing your network..

    --Medic

    Leave a comment:


  • octalpus
    replied
    1. Nessus: (Linux) For basic scanning and testing of my network, I love how this will test my servers, even when I have moved them to non-standard ports.

    2. Snort: (Linux) Why? Well... why not? "Everything I know about TCP/IP packets, I learned from Snort". Nice little IDS with a good deal of support.

    3. Kismet: (Linux) I think the options here are pretty much dictated by O/S choice...

    4. Nmap: (Linux) I don't know if this is so much of a favourite as much of a habit... still, I suppose it's as good as any, as far as port scanners go. Clean interface, well supported, easy to use.

    5. Tcpdump: (Linux) Handy little gadget for finding out more about what is going on over your network... great all-purpose tool, both for security and general admin'ing.

    Leave a comment:


  • russ
    replied
    Originally posted by TwinVega
    Wonder what Chris does on his spare time..
    I like SolarWinds (commercial tool). GREAT SNMP dumps and Cisco scans. Not terribly expensive compared to other commercial tools either.

    Leave a comment:

Working...
X