nMap, A Free And Must-Have Tool For Security Pros, Just Saved Me
As I go through my mailbox and sort through the 1,000 different security products that I'm seemingly pitched on every week, I couldn't help but smile as I reflected on the fact that some my favorite, and most useful tools,...
April 14, 2008
As I go through my mailbox and sort through the 1,000 different security products that I'm seemingly pitched on every week, I couldn't help but smile as I reflected on the fact that some my favorite, and most useful tools, are free. Call me crazy, but I'm in the habit of routinely hacking myself. If you're in the security space, you should get into the habit of doing it to. Probing your critical servers for security holes helps you get out in front of potential security threats before the bad guys can exploit them.
We're not all lucky enough to have IT budgets that provide for expensive IDS/IPS/NBA systems. But don't fret, there are some troubleshooting tools out there that can help you, for free, and I'll make a habit of sharing those with you in my blog as I discover them.
One such tool I use all the time is called nMap. I frequently use nMap in my Windows environment to gather information on what TCP ports are listening for connections on a given PC or server. I recently remotely scanned my own laptop from a server to check the health of my system. I was perplexed to see that nMap told me that port 25 was listening on my laptop. I then did a quick telnet to port 25 of my laptop and was greeted with:
220 tc4400.asdf.com Microsoft ESMTP MAIL Service, Version: 6.0.2600.3311 ready at Sat, 12 Apr 2008 17:19:00 -0400
If I were to see this prompt on my exchange server, I would be happy, but to see it on my own laptop made me cringe. A couple cups of coffee later, I realized that I enabled the SMTP Server on my local IIS install, and had the server open for anonymous SMTP relay. That's a filet mignon for worms looking for PC's to zombie and turn into SPAM bot's.The point: If I weren't in the habit of probing and hacking the machines I care about, my mistake would have certainly resulted in me finding out the hard way. And you don't necessarily need sophisticated tools to do it. A freeware tool was more than adequate for pointing out this security issue.
If you know of any great freeware security tools, PLEASE, share them with the community and myself. I know its cliché, but in the security arena more so than any other area of IT, knowledge is power.
Read more about:
2008About the Author
You May Also Like