nmap will tell you what ports are open on a server if thats all you want to do, it cant get any easier.
If a application crashes because it received unexpected data, you should really fix it, its a bug. Show the programmer docs on input validation. I haven't used SARA, but I highly recommend Nessus, its not hard to use and its probably the best open source security scanner out there. Its al GUI point and click and gives you a pretty report full of stuff. -miah On Wed, Jan 07, 2004 at 04:39:53PM -0500, [EMAIL PROTECTED] wrote: > > My manager wants to be able to scan a server to see what ports are open > and make sure the open ports are those that are allowed according to our > security policies before we release the server for production use. > > In addition, the tool should not interfere with or shutdown application > ports > while scanning. This has happened once in our environment and it basically > crippled the application. > > One of my colleagues is in favor of using SARA. Since I have never used > any network tools before, I am looking to my fellow admins for suggestions > on what works well with Linux which meets my requirements and is not very > difficult to configure and use. And is free. :-) > > > Thanks! > Sharon > > > > > > > > > Public > > <[EMAIL PROTECTED] To: [EMAIL PROTECTED] > > m> cc: > > Subject: Re: [BBLISA] Question about > Network analysis tools > 01/07/2004 04:28 > > PM > > > > > > > > > > That brings back memories. As someone else mentioned, SATAN is at least > 9 years old. I'm not sure it will even compile "out of the box" on the > latest Linux distributions. As I recall there was a tool called SAINT > that was designed to supersede SATAN. > > Is this project better defined than "throw something like SATAN on a > Linux box"? i.e. What problem are you trying to solve? That may make it > easier to suggest tools for the job. > > > FWIW, you may want to check out the following open source tools: > > 1) NMAP http://www.insecure.org/nmap/index.html > > 2) Nessus http://www.nessus.org/ > > 3) Snort NIDS http://www.snort.org/ > > - Paul > > > > On Tue, 2004-01-06 at 16:02, [EMAIL PROTECTED] wrote: > > I have been asked to install a network security analysis tool like SATAN > > on a linux machine. The linux machine is running RedHat Advance server > > 3.0. > > > > I would like to know how the various tools compare and which one(s) are > > used in most/many companies. > > > > My thanks in advance to all those who reply. > > > > > > - sharon > > > > > > _______________________________________________ > > bblisa mailing list > > [EMAIL PROTECTED] > > http://www.bblisa.org/mailman/listinfo/bblisa > > > > > > _______________________________________________ > bblisa mailing list > [EMAIL PROTECTED] > http://www.bblisa.org/mailman/listinfo/bblisa _______________________________________________ bblisa mailing list [EMAIL PROTECTED] http://www.bblisa.org/mailman/listinfo/bblisa
