Ferramentas para Segurança de Redes

Esta é uma compilação de ferramentas gratuitas para Segurança de Redes, especialmente na parte de análise e diagnóstico de segurança e vulnerabilidades.

A lista é um pouco antiga, já que a última vez que ministrei a disciplina foi em 2008, mas ainda pode ser bastante útil. Sugestões e atualizações serão bem-vindas.

Use com responsabilidade e consciência!

Atenciosamente,

Prof. Filippo

DISTRIBUIÇÕES LINUX CUSTOMIZADAS PARA SEGURANÇA - FIREWALL COMPLETO

Untangle
http://www.untangle.com/
Untangle is the world’s first commercial-grade open source solution for blocking spam, spyware, viruses, adware and unwanted content on the network. The Untangle Gateway Platform, which is built around more than 30 of the best open source projects, provides small and medium businesses and channel partners with a free and better alternative to costly, inflexible proprietary appliances.
Demo (Live GUI Preview): http://untangledemo.untangle.com/webstart/gui.jnlp


SmoothWall Express
http://www.smoothwall.org/
The SmoothWall Open Source Project was set up to develop and maintain SmoothWall Express - a Free firewall that includes its own security-hardened GNU/Linux operating system and an easy-to-use web interface.

IPCop
http://www.ipcop.org/
The IPCop Firewall is a Linux firewall distro. It will be geared towards home and SOHO users. The difference with existing firewalls is that the IPCop interface will be very user-friendly and task-based.


Vyatta
Vyatta delivers complete, ready-to-deploy, open-source networking solutions [software and appliances] that make it possible for anyone to own an enterprise-class router/firewall/VPN for a fraction of the cost of traditional closed-source, proprietary products. 

Endian Firewall Community
http://www.endian.it
Endian Firewall Community is a "turn-key" linux security distribution that turns every system into a full featured security appliance. The software has been de signed with "usability in mind" and is very easy to install, use and manage, without losing its flexibility. The features include a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spamfiltering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on OpenVPN). The main advantage of Endian Firewall is that it is a pure "Open Source" solution that is sponsored by Endian.

Securepoint Security UTM Software
http://www.securepoint.cc/products-software.html
Securepoint gives you the possibility to use the Securepoint Security Suite 2007nx on any hardware (see whitepapers), in order to enable an entirely individual scaling suited to your company or the use with fixed manufacturer's specifications.

Gibraltar
http://www.gibraltar.at/
Gibraltar Security Gateways provide a comprehensive and competitive protection against a multitude of current security risks and threats. They combine several important security applications into one product and provide for secure connections in your network. Gibraltar is either available preinstalled on five different hardware appliances or just as a software release. Gratuito apenas para uso pessoal!

EBOX PLATFORM
http://ebox-platform.com/
The eBox platform will effectively and easily help you in managing the advanced services for your corporate network. Designed with extensibility in mind it offers, among others, these modules: Firewall, Transparent proxy, Traffic shaping, VPN’s, Content filter, NTP Server, Users and groups, Mail server…

Zeroshell
http://www.zeroshell.net/eng/
Zeroshell is a small Linux distribution for servers and embedded devices aimed at providing the main network services a LAN requires. It is available in the form of Live CD or Compact Flash image and you can configure and administer it using your web browser.

BackBox Linux
http://www.backbox.org/

Flexible Penetration Testing Distribution. BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use and provide a minimal yet complete desktop environment, thanks to its own software repositories, always being updated to the latest stable version of the most used and best known ethical hacking tools.

pfSense 
http://www.pfsense.com/
pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a PC and an Xbox to large corporations, universities and other organizations protecting thousands of network devices.

SCANNERS TCP / IP

Scanner Avançado de IP - Scanner Avançado de Porta - Scanner Avançado LAN
http://www.radmin.com.br/products/utilities.php
O Scanner Avançado de IP Scanner é um scanner para LAN rápido, robusto e fácil de usar para Windows. Com ele é possível ter acesso fácil e em poucos segundos a vários tipos de informações sobre a rede local de computadores!
O Scanner Avançado de Porta é um scanner de porta pequeno, rápido, robusto e fácil de usar para plataforma Win32. Ele usa uma técnica de múltiplos threads, assim em máquinas rápidas é possível rastrear portas de modo bem mais rápido. Ele contém também descrições para portas em comum e é possível rastrear em variações pré definidas de portas.
O Scanner Avançado LAN é um scanner de rede altamente configurável, pequeno, fácil de usar para Win32. E ele é MUITO rápido. O Scanner Avançado LAN usa método de múltiplos threads, assim é possível rastrear mais de 1.000 elementos por segundo!

ANT (Advanced Net Tools)
http://www.dreamsyssoft.com/advanced-net-tools/
Scanners e outros utilitários.


Paglo Crawler
http://www.paglo.com/opensource
Paglo Crawler is a supersearcher that discovers everything about your devices, networks and users, and securely transports that data to your Paglo Web account. It is the key discovery tool that makes the power of Paglo possible.

Roguescanner
http://www.paglo.com/opensource
RogueScanner is a tool focused on device discovery and rogue detection. It is focused solely on classifying devices so you can quickly understand what's on your network. If you want to capture more IT data and answer computer, network, and user questions, use the Paglo Crawler!

NetBrute
http://www.rawlogic.com/netbrute/
NetBrute scans a range of IP addresses for shared resources that have been shared via Microsoft File and Printer Sharing. In addition, any SMB compatible shared resources will show (i.e. Samba Servers on a Unix/Linux machine). It is to be used by system administrators or home users to see what types of resources are shared and to warn the computer users if any unsecured resources are displayed.

AutoNOC Port Scan
http://www.autonoc.com/freestuff/portscan.html
AutoNOC Port Scan quickly analyzes a machine to identify what ports are available on a remote machine (and potentially vulnerable to break in). Our version of AutoNOC Port Scan runs in parallel to instantly evaluate the services available on a remote device or node.

NirSoft
http://www.nirsoft.net
NirSoft web site provides a unique collection of small and useful freeware utilities.


SCANNERS DE VULNERABILIDADES

Acunetix WVS Free Edition
http://www.acunetix.com/cross-site-scripting/scanner.htm
Acunetix WVS Free Edition will scan your website for Cross Site Scripting vulnerabilities and it will also reveal the essential information related to it: such as the location of the vulnerability and techniques to fix the problem.


It provides a free set of Web Security Assessment checks to enhance the overall security of your web server infrastructure, using the most complete web attack signature database available in the market – “N-Stealth Web Attack Signature Database™”.

PC Security Test (para micro local)
http://www.pc-st.com/us/
PC Security Test is a free program for Windows that checks computer security against viruses, spyware and hackers. With a few mouse clicks, users can easily control the efficiency of their protection software (anti-virus programs, spyware scanners and firewalls). PC Security Test simulates virus, spyware and hacking attacks and monitors the responses of your protection software. Don't worry, no real viruses are involved ! After the tests are complete, PC Securtiy computes a security index and provides tips on improving PC security.

SNIFFERS

Wireshark
http://www.wireshark.org/
Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.

Packetyzer
http://www.paglo.com/opensource
Packetyzer is a packet analyzer for Windows with a Windows user interface for the Ethereal packet capture and dissection library.

WinPcap
http://www.winpcap.org
WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture.

GERENCIADORES / MONITORES DE REDE

Network Magic Free Version
http://www.networkmagic.com/
Gerenciador para redes SOHO.

Spiceworks
http://www.spiceworks.com/
Automatic PC and software inventory and IT asset reporting to simplify your job. Network monitoring and troubleshooting to keep things running smoothly. An easy to use IT help desk for your company. IT answers, product reviews, and advice from SMB IT pros like you.

NetLimiter
http://www.netlimiter.com/
Internet traffic monitoring tool


SERVIÇOS ON LINE

Pure Networks Security Scan
http://www.purenetworks.com/securityscan/
Free wireless network security scan.

F-Secure Health Check
http://support.f-secure.com/enu/home/onlineservices/fshc.shtml
Checks whether you have an Anti-Virus, Firewall and Anti-Spyware software installed on your computer. Checks whether you have known vulnerabilities in your applications. Checks whether you have applications that are no longer supported by the vendor. Helps you fix the vulnerabilities found.

Qualys Free Network Security Scanner : Free Security Scan
https://freescan2.qualys.com
FreeScan allows you to quickly and accurately scan your server for thousands of vulnerabilities that could be exploited by an attacker. If vulnerabilities exist on the IP address provided, FreeScan will find them and provide detailed information on each risk - including its severity, associated threat, and potential impact. It even provides links to give you more information about the vulnerability and how to correct it.

Qualys' free SANS Top 20 Scan
http://www.qualys.com/forms/trials/sans20/
Qualys' free SANS Top 20 Scan detects the 20 most dangerous vulnerabilities impacting networks worldwide. The top 20 list is published twice a year by the SANS Institute, a trusted source for information security training, certification and research. If any of the top 20 vulnerabilities are found, Qualys provides a detailed report with information for each vulnerability and links to verified fixes.

DES Password Analysis
http://www.rawlogic.com/password/
Serviço on line para quebrar senhas Unix.


MISCELÂNEA

Firewall Builder
http://www.fwbuilder.org/
Firewall Builder is a GUI firewall configuration and management tool that supports iptables (netfilter), ipfilter, pf, ipfw, Cisco PIX (FWSM, ASA) and Cisco routers extended access lists. Firewall Builder uses object-oriented approach, it helps administrator maintain a database of network objects and allows policy editing using simple drag-and-drop operations.

The Network Toolkit - Free Edition
http://www.cacetech.com/products/toolkit_free_edition/index.htm
The Network Toolkit - Free Edition is a fully functional version of The Network Toolkit, with the same console and the ability to run from CD or USB pen drive. However, it contains a limited set of tools. We are providing the Free Edition so that you can experience the features and benefits of The Network Toolkit. For every tool, you will find a description, a Getting started page, comprehensive documentation and a set of links. The Network Toolkit - Free Edition can be downloaded in the following formats: ISO, ZIP and U3 installer.

Network Notepad Homepage
http://www.networknotepad.com/
Network Notepad is a Freeware program for creating interactive network diagrams.

Technitium MAC Address Changer
http://www.technitium.com/tmac/
Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine. Every NIC has a MAC address hard coded in its circuit by the manufacturer. This hard coded MAC address is used by windows drivers to access Ethernet Network (LAN). This tool can set a new MAC address to your NIC, bypassing the original hard coded MAC address. Technitium MAC Address Changer is a must tool in every security professionals tool box. Technitium MAC Address Changer is coded in Visual Basic 6.0.

AutoNOC Trace-3D

It is estimated that Trace 3D has been downloaded by more than 1,000,000 people all over the world. Find out why so many people use it and why it has received Editor's Pick awards from PC World, Webattack, and many other organizations. The new version 4.0 includes live updating of Trace Route over time.

NirSoft
http://www.nirsoft.net
NirSoft web site provides a unique collection of small and useful freeware utilities.

EXTENSÕES PARA FIREFOX

Broadband Speed Test and Diagnostics

This extension includes a set of tools for broadband users. It can measure the bandwidth of Internet connections and perform diagnostic tests (connectivity, ping and traceroute etc).

HttpFox

An HTTP analyzer addon for Firefox

FoxyProxy
https://addons.mozilla.org/pt-BR/firefox/addon/foxyproxy-standard/
FoxyProxy is an advanced proxy management tool that completely replaces Firefox's limited proxying capabilities.

POW -- Plain Old Webserver

https://addons.mozilla.org/pt-BR/firefox/addon/3002
Turn the web on its head with the Plain Old Webserver (POW), which adds a server to your browser.
Comments

Reflexão

Vende-se