Security Tools News & Tips » Packet Sniffer

Check Point Power-1 Appliances

Niranjan — Tue, 08 Sep 2009 20:24:26 +0000

Check Point Power-1 appliances enable organizations to maximize security in high-performance environments such as large campuses or data centers. They combine Check Point firewall, IPsec VPN, and intrusion prevention Software Blades with advanced acceleration and networking technologies that deliver a high-performance security platform for multi-Gbps environments.

Key Benefits

- Ensures availability of business-critical applications with up to 25 Gbps of firewall throughput and total system performance (Firewall + IPS) of up to 15 Gbps

- Field upgradeable for maximum performance flexibility (Power-1 11000 Series)

-Provides a comprehensive set of security Software Blades that is extensible on demand to include Web security, antivirus, anti-spyware, and anti-spam

- Simplifies administration with a single management console for all sites

- Protects against emerging threats with Software Blade update services

Check Point Power-1 Appliances Homepage

Cisco ASA 5500 Series Firewall

Niranjan — Fri, 04 Sep 2009 20:56:26 +0000

The Cisco ASA 5500 Series Adaptive Security Appliance is a modular platform that provides the next generation of security and VPN services for small and medium-sized business and enterprise applications. The comprehensive portfolio of services within the Cisco ASA 5500 Series enables customization for location-specific needs through its four tailored package product editions: the Firewall, VPN, IPS, and Content Security Editions.

These packages enable superior protection by providing the right services for the right location. At the same time, they enable standardization on the Cisco ASA 5500 Series platform to reduce costs in management, training, and sparing. Finally, each Edition simplifies design and deployment by providing pre-packaged location-specific security solutions.

Cisco ASA 5500 Series Firewall Homepage

Juniper Networks IDP Series

Niranjan — Fri, 28 Aug 2009 16:00:51 +0000

Juniper Networks IDP Series Intrusion Detection and Prevention Appliances offer the latest capabilities in network intrusion prevention to protect the network from a wide range of attacks. Using industry-recognized stateful detection and prevention techniques, the IDP Series provides zero-day protection against worms, trojans, spyware, keyloggers, and other malware.

Juniper Networks IDP Series Homepage

Wireshark

Niranjan — Thu, 20 Aug 2009 22:33:52 +0000

Wireshark is the world’s foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998. It started as Ethereal but was later re-branded as Wireshark due to trademark issues.

Wireshark Homepage

FTester

Niranjan — Fri, 20 Jul 2007 08:07:43 +0000

The Firewall Tester (FTester) is a tool designed for testing firewalls filtering policies and Intrusion Detection System (IDS) capabilities. The tool consists of two perl scripts, a packet injector (ftest) and the listening sniffer (ftestd). The first script injects custom packets, defined in ftest.conf, with a signature in the data part while the sniffer listens for such marked packets. The scripts both write a log file which is in the same form for both scripts. A diff of the two produced files (ftest.log and ftestd.log) shows the packets that were unable to reach the sniffer due to filtering rules if these two scripts are ran on hosts placed on two different sides of a firewall. Stateful inspection firewalls are handled with the ‘connection spoofing’ option. A script called freport is also available for automatically parse the log files.

FTester Homepage

Kcpentrix

Niranjan — Thu, 28 Jun 2007 01:00:24 +0000

The Kcpentrix Project was founded in May 2005 , KCPentrix 1.0 was liveCD designed to be a standalone Penetration testing toolkit for pentesters, security analysts and System administrators. Now release 2.0 is a liveDVD, It features a lot of new or up to date tools for auditing and testing a network, from scanning and discovering to exploiting vulnerabilities. Kcpentrix is based on SLAX 5, a Slackware live Dvd. The Powerful modularity which Kcpentrix uses, allow us to easily customize our version, and include whichever modules we need. KCPENTRIX 2.0 is the most inovative and promising KCPENTRIX ever. It switched to 2.6 kernel line. Zisofs compression was replaced by SquashFS, which provides better compression ratio and higher read speed.

Kcpentrix Homepage

Network Security Toolkit

Niranjan — Mon, 04 Jun 2007 09:22:55 +0000

Network Security Toolkit (NST) is a bootable ISO live CD based on Fedora Core 6. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86 platforms. The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools.

NST Homepage

Screenshots

Cain & Abel

Niranjan — Tue, 29 May 2007 03:33:17 +0000

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness present in protocol’s standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some “non standard” utilities for Microsoft Windows users.

Homepage

Aircrack

Niranjan — Mon, 21 May 2007 02:26:21 +0000

Aircrack is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, thus making the attack much faster compared to other WEP cracking tools. In fact aircrack is a set of tools for auditing wireless networks.

Homepage

Scapy

Niranjan — Mon, 16 Apr 2007 05:10:33 +0000

Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can’t handle, like sending invalid frames, injecting your own 802.11 frames, combining technics (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, …), etc.

Homepage