You were likely at least partially responsible for burglary if you’ve been a victim of one in the recent past. The most common reasons for home break-ins are an open window, an unlocked door, or an expensive item left in an enticing location. It may be difficult to admit, but it is true. While there is no way to be 100 percent certain that you will not be a victim of a robbery, taking some simple precautions can significantly reduce your chances of being a victim, as would-be thieves move on to easier targets.
The same principles apply to the security of a home network. Unfortunately, almost no systems are completely “hacked proof” – but browser security tests, server security measures, and network safeguards can all help to make your setup much more secure.
It is possible to quickly and easily identify which areas of your business are “weak spots” by utilizing some free tools, allowing yourself to address these issues before a serious breach occurs. Some of the best are highlighted in this article:
Nmap would be impossible to leave out after being named “Security Product of the Year” by Linux Journal and appearing in twelve different films (including The Matrix Reloaded and Die Hard 4) over a year.
A free tool that works on Linux, Windows, and Mac OS X, the product goes by the name of Network Mapper (short for Network Mapper). It works by analyzing raw IP packets to gather a wealth of information about a network’s configuration, such as which hosts are available, which services are being offered, which operating systems are being used, and which types of firewalls are in use. It is available for free download here.
When the scan is complete, you’ll be presented with a “map” of your network. Identifying and exploiting network vulnerabilities has numerous advantages from a security standpoint; you can audit the security of a device and firewall by discovering the connections it allows, you can assess the security of a network by discovering new servers, and you can discover and exploit network vulnerabilities in real-time.
NESSUS has recently been converted to a closed-source program, but it is still free to use for personal purposes. According to reports, it is the most widely used vulnerability scanner in the world, with more than 75,000 businesses around the world utilizing it at any given time.
It is compatible with Windows, Mac OS X, and Linux, and it can be installed on a personal computer, in the cloud, or a hybrid environment.
A remote hacker could gain control or access to a system through flaws such as an incorrectly configured network, failure to change default passwords, and common passwords and missing passwords, which are the primary vulnerabilities it scans for. It also checks for denials of service against the TCP/IP stack by sending malformed packets, and it provides preparation for PCI DSS audits, among other things.
Cain and Abel [No Longer Available]
Cain and Abel describe themselves as a password recovery tool for the Microsoft Windows operating system. When it comes to actual use, however, it is much more versatile – it can capture and monitor network traffic for passwords, crack encrypted passwords using a variety of methods, record VoIP conversations, and even recover wireless network keys. While its password recovery tool may be useful from time to time, you can also use the software to test the security of your passwords by turning it on its head and running it through its paces.
In addition, the software can perform a dictionary attack test (in which it attempts to guess every word in the dictionary), a brute force attack test (in which it attempts to guess every possible combination of upper/lower case letters and numbers), and a cryptanalysis attack test (in which it attempts to “beat” common password encryption techniques – all of which are timed. It means that you’ll be able to quickly identify which passwords are the weakest and change them as needed as a result.
Ettercap, which is compatible with all major operating systems, is a comprehensive suite for preventing man-in-the-middle attacks on local area networks.
It is possible to be victimized by a man-in-the-middle attack when an attacker relays and alters the communication between two users who believe they are directly and privately communicating. It can be a relatively simple attack to carry out, with users of unencrypted WiFi wireless access points being particularly vulnerable to this type of attack.
Live connections and content can be monitored on the fly using the software, which can filter packets based on IP addresses or MAC addresses, but the network interface into promiscuous mode, or ARP poison the target machines.
Niko2 Nikto is a web server scanner that can detect over 6,700 potentially dangerous files or programs, outdated versions of more than 1,250 servers, and version-specific issues on more than 270 servers. It can scan for over 6,700 potentially dangerous files or programs, outdated versions of more than 1,250 servers, and version-specific issues on over 270 servers. Additional considerations include server configuration issues such as multiple index files and various HTTP server options, as well as an attempt to identify any web servers or software that has been installed.
Running web server vulnerability tests, such as those provided by Nitko, is essential because hackers are increasingly targeting web server vulnerabilities to gain access to a company’s network. Everything from insecure WordPress implementations to outdated Apache servers has been reported as being targeted by hackers.
Wireshark is a packet analyzer that can be used on Windows, Mac OS X, and Linux systems, among others. The first version of the software was released in 1998, and it has since become the de-facto standard in a wide range of industries. It has received recognition from eWeek, InfoWorld, and PC Magazine, among other publications, and was named “Project of the Month” by SourceForge in October 2010.
While it allows you to quickly and easily see what all of your users are up to on your network, it also provides you with a method of identifying and remediating unusual traffic that could be linked to a Trojan.
There are several different networks supported, including Ethernet, IEEE 802.11, PPP, and loop-back, and the captured data can be browsed either through a graphical user interface or through a command-line terminal. Data can be derived from a live network connection or read from an archive of previously captured packets.