If you’re connected to the Internet, keeping your network secure should be a top priority. Patching servers shows that you’re mindful of the risks, but testing your network for vulnerabilities is the only way to gain real confidence that you’re safe from crackers. Use our hands-on guide to analyze just how safe or assailable you actually are.
Whether you have one machine connected to the Internet or ten thousand, keeping your network secure should be a top priority. You patch your web server and are mindful of your firewall configuration, but is your site really secure? How do you check it?
Sure, you can spend spend many tens of thousands of dollars for a professional audit by a top-shelf security firm such as Foundstone, but in many cases, with a little bit of insight and a set of open source tools, you can find and fix the real trouble spots yourself. Here’s a hands-on introduction to finding security risks on your network.
Warning!
Do not test, probe, scan, audit, or assess networks that you don’t have permission to access.
It’s remarkably easy to get yourself into real trouble by going where you don’t belong. Network administrators with extensive experience with Internet security — often down to the packet level — can sometimes guess what kinds of probes they can “get away with” on a remote network, flying just under the radar. But others may find themselves the focus of a lot of unwanted attention, first by the scanned target, then by their own ISP’s abuse department, and then perhaps by local or federal authorities. In other words, is running an nmap scan on, say, Citibank really worth losing your cable modem over?
Visibility…
Please log in to view this content.
Not Yet a Member?
Register with LinuxMagazine.com and get free access to the entire archive, including:
