Beware of these Network Security Tools
Network Security Tools are programs that give you interesting information about computer networks. This is a list of tools you really should know about - and know how to (ab)use - if you are a network administrator, computer scientist, journalist, political activist or just not as dumbed down and mind-controlled by television as most people.
Introduction
The first thing to do when learning about tools such as these is to learn how to use them, first and foremost by testing your own computer security. For example, many ignorant people think that a "firewall" somehow gives more than a false sense of security.
A firewall is based on the illusion that it's somehow hard to dress up as a janitor, a consultant or a delivery boy to get inside the building and thus inside the "firewall". So if you're an IT guy in a corporation, you should learn how to use Nmap and scan your corporation's network from the inside. Just having heard of Nmap doesn't help. Try it. Use it.
Highly recommended Network Tools
Secure traffic analysis resistant communications networking
- Tor is an onion-routed Internet communications network run by military, governments, corporations and private citizens. It is designed so that every connection goes through three servers and no single server can view a connection's entire path. This provides excellent traffic analysis resistance. Tor also provides other nice properties such as anonymity, privacy and safety.
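The "three servers, no single server sees the entire path" property can be shown with a toy model of layered encryption. This is an added example, not code from Tor or from this page: the relay names, `example.org` and the SHA-256-based cipher are assumptions for illustration and are not Tor's actual protocol or cryptography.

```python
import hashlib, json, os

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); NOT Tor's real cryptography."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def build_onion(path, keys, destination, payload):
    """Client side: wrap the payload once per relay, innermost (last relay) first."""
    next_hop, blob = destination, payload.encode()
    for relay in reversed(path):
        layer = json.dumps({"next": next_hop, "data": blob.hex()}).encode()
        blob = xor_stream(keys[relay], layer)
        next_hop = relay
    return blob

def route(path, keys, blob, sender="client"):
    """Each relay peels exactly one layer; record what that relay can observe."""
    seen, prev = {}, sender
    for relay in path:
        layer = json.loads(xor_stream(keys[relay], blob))
        seen[relay] = {"prev": prev, "next": layer["next"]}
        blob, prev = bytes.fromhex(layer["data"]), relay
    return seen, blob.decode()

def demo():
    path = ["relay1", "relay2", "relay3"]          # hypothetical relay names
    keys = {r: os.urandom(32) for r in path}       # one key shared with each relay
    onion = build_onion(path, keys, "example.org", "hello")
    return route(path, keys, onion)

if __name__ == "__main__":
    seen, delivered = demo()
    for relay, view in seen.items():
        print(relay, view)
    print("delivered:", delivered)
```

Only the first relay sees the client and only the last relay sees the destination; the middle relay sees neither.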
Server administration
- Chkrootkit: A handy tool that locally checks for signs of a rootkit. It's a nice tool to run on servers you don't log in to frequently. It detects binary modification, utmp/wtmp/lastlog modifications, malicious kernel modules and more.
Outdated tools

| old | new |
|---|---|
| net-tools | iproute2 |
| ifconfig | ip addr, ip link |
| ifconfig (interface stats) | ip -s link |
| route | ip route |
| arp | ip neigh |
| netstat | ss |
| netstat -M | conntrack -L |
| netstat -g | ip maddr |
| netstat -i | ip -s link |
| netstat -r | ip route |
| iptunnel | ip tunnel |
| ipmaddr | ip maddr |
| tunctl | ip tuntap (since iproute-2.6.34) |
| (none) for interface rename | ip link set dev OLDNAME name NEWNAME |
| brctl | bridge (since iproute-3.5.0) |