Beware of these Network Security Tools

From LinuxReviews
Jump to navigationJump to search

Network Security Tools are programs who give you interesting information about computer networks. This is a list of tools you really should know about - and know how to (ab)use - if you are a network administration, computer scientest, journalist, political activist or just not as dumbed down and mindcontrolled by television as most people.


The first thing you should do when learning about tools such as these is to learn how to use the tools, first and foremost by testing your own computer security. For example, many ignorant people think that a "firewall" somehow gives more than a false sense of security.

A firewall is based in the illusion that it's somehow hard to dress up as a janitor or a consultant or delivery boy to get inside the building and thus inside a "firewall". Thus; you should learn how to use NMAP and scan your corporations network from inside if you're a IT guy in a corporation. Just having heard of nmap doesn't help. Try ut. Use it.

Highly recommended Network Tools

Secure traffic analysis resistant communications networking

  • Tor is a onion-routed Internet communications network run by military, governments, corporations and private citizens which is designed so every connection goes through three servers, and no single server can view a connections entire path. This provides excellent traffic analysis resistance. Tor also provides other nice properties such as anonymity, privacy and safety.

Server administration

  • Chkrootkit : A handy tool that locally checks for signs of a rootkit. It's a nice tool to run on servers you don't login to frequently. If detects binary modification, utmp/wtmp/lastlog modifications, malicious kernel modules and more.

outdated tools

   old            new
   net-tools 	iproute2
   ifconfig 	ip addr, ip link
   ifconfig (interface stats) 	ip -s link
   route 	ip route
   arp 	ip neigh
   netstat 	ss
   netstat -M 	conntrack -L
   netstat -g 	ip maddr
   netstat -i 	ip -s link
   netstat -r 	ip route
   iptunnel 	ip tunnel
   ipmaddr 	ip maddr
   tunctl 	ip tuntap (since iproute-2.6.34)
   (none) for interface rename 	ip link set dev OLDNAME name NEWNAME
   brctl 	bridge (since iproute-3.5.0)