A Few Network Security Tools and Their Overview


Here are a few network security tools that network security professionals and hackers use for various purposes. The tools below are used to gather information about a system or network device and to carry out attacks to gain access to those devices. I have categorized and listed them below. In the next part I will elaborate on them one by one.
  
NetFlow Analyser:

·         Nfdump: collects and processes NetFlow data
·         Nfsen and RRD: displays NetFlow data (flows, packets and bytes) using RRD
·         Fprobe: exports captured traffic to a remote NetFlow collector
·         flow-tools: collects and processes NetFlow data

Packet Capture:
·         libpcap: a portable framework for low-level network monitoring
·         wireshark: used for capturing and analyzing packets off the wire
·         tcpdump: used for network monitoring

Databases:
·         PostgreSQL
·         MySQL

Intrusion Detection System:
·         Snort: used as an IDS for rule-based logging; detects vulnerabilities
·         OSSEC: host-based intrusion detection system used for log analysis, file integrity checking, policy monitoring and real-time alerting

Attack Generation:
·         ettercap-Gtk: used to generate attacks
·         nmap: used as a network mapper for security auditing

Integrated Tools:
·         OSSIM
·         BackTrack Linux

Other Misc:
·         nessus: used as a vulnerability scanner
·         ntop: used for network monitoring
·         nagios: a host/service/network monitoring and management system
·         arp-watch: used for monitoring Ethernet/FDDI station activity

1 comment:

  1. Very good. We have submitted very essential tools that can be used for monitoring the network. Keep it up.


anu$mii@2010.copyright.com.