Network security has been, and will continue to be, a hot topic among information technology professionals.  As a systems or network administrator, you should not only be aware of the need to keep a close eye on security, you should be actively engaged in it every day.  In addition to the tools listed below, you should also be looking at specialized training like Cisco CCNA Security training, Windows or Linux/Unix Security Training.

New vulnerabilities are discovered every day that could allow an attacker to penetrate your infrastructure.  Company data, company secrets, account information, financial data and more is at risk if your network is compromised. 

Here are 10 hacking tools that you should be aware of and use on a regular basis to help you see what the hackers see, and to keep your networks more secure.

Packet Sniffers

1. WireShark (http://www.wireshark.org)

Wireshark is perhaps one of the most widely used (and free) network monitoring / packet sniffing tools out there.  When you download and install, it will also install the WinPcap application.  Once your familiar with WireShark, you’ll be able to sniff your corporate network, trace conversations, identify insecure passwords, etc (especially using additional software like Cain & Abel).

This tools runs on Windows, Linux and Mac systems

2. Kismet (http://www.kismetwireless.net)

Kismet is a very powerful wireless sniffer, often used for “wardriving” (driving or walking around, searching for wireless networks to connect to).  A lot of features in this application including the ability to identity non-beaconing networks (networks that aren’t broadcasting their SSID).  Always a good idea to see how secure (or insecure) your wireless networks are if you have them within your company.  Wireless networks are one of the larger security holes in many networks (and home networks).

This tools runs on Windows, Linux and Mac systems

3. Cain & Abel (http://www.oxid.it/cain.html)

One of the most popular “password recovery” tools for Windows operating systems is definitely one you should be familiar with.  Insecure (i.e. weak) passwords offer little to no defense against a fairly knowledgeable hacker.  If they can can physical access to your network (including attaching to wireless networks) chances are they can sniff the network traffic and crack insecure passwords in a matter of seconds to minutes.  Routinely check your network for the existence of weak passwords using a tool like Cain & Abel to identify user’s who need to strengthen their passwords.

This tools runs on Windows, Linux and Mac systems

4. Metasploit (http://www.metasploit.com)

This tool is geared more toward people who do penetration testing (pen testing), patch installation verification, regression testing, etc.  It’s a framework that allows you to develop tools to test and launch exploits against your system to verify patches, defenses, etc., are working correctly.  A little more learning curve here, but if you really want to take your skills to the next level, this is one tool you should add to your skillset.

This tools runs on Windows, Linux and Mac systems

5. Hping2 (http://www.hping.org)

TCP/IP packet injection and manipulation is again a skill that is a little higher on the food chain, but something you should become familiar with.  Using this tool you can send partial ping packets, IP fragmentation, etc., to test firewalls, discover firewall rulesets, remote OS fingerprinting and more.

This tools runs on Windows, Linux and Mac systems

6. Nikto (http://www.cirt.net/nikto2)

If your organization maintains web servers, or you have a hosted solution that you want to ensure is up to snuff, a tool like Nikto might very well fit the bill.  It is a web scanner that can scan for thousands of potential vulnerabilities, and best of all it’s free and open source.

From the cirt.net website: Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

This tools runs on Windows, Linux and Mac systems

7. Nmap (http://nmap.org)

Nmap is a network mapping tool that can be used by security administrators to scan and test their networks for unidentified servers, hosts with vulnerabilities and/or unnecessarily open ports, etc.  Nmap is a popular tool among security administrators and hackers alike, and has been featured in such Hollywood movies as the Matrix: Reloaded and Die Hard 4: Live free or Die Hard.

This tools runs on Windows, Linux and Mac systems

8. Nessus (http://www.nessus.org)

Nessus is one of the most powerful network scanners available, and most serious security administrators tool of choice.  They have moved from offering a free version to a commercial version, which is potential cost prohibitive to some administrators.  However when you factor in the cost of remediating a hack to your network or infrastructure, potential loss of data, critical systems, and/or reputation it’s a small price to pay.

This tools runs on Windows, Linux and Mac systems

9. Snort (http://www.snort.org)

Snort is an Intrusion Detection System / Intrusion Prevention System (IDS/IPS) that is widely used by security administrators to detect intrusions into their networks. It combines the benefits of signature, protocol and anomaly based inspection and is one the most widely deployed IDS/IPS technology worldwide.  There are a few pre-requisites for installing and running Snort, including Libpcap, PCRE, Libnet and Barnyard.

This tools runs on Windows, Linux and Mac systems

10. Retina (http://www.eeye.com/html/Products/Retina/index.html)

A commercially available network and security scanner from the folks at eEye Digital Security, Retina is a full-featured network monitoring application.  While not free nor open-source, it’s a popular tool used by many corporate and government security administrators.  Retina can also report on compliance with many corporate policies including SOX, HIPAA, GLBA, PCI and others.

Cisco CCNA Security 640-553 Secure Network Management

This video is from our Cisco CCNA Security Series – Implementing Cisco IOS Network Security (IINS) for exam 640-553.

The full series contains 20 videos and is over 11 hours of world class training you can watch anytime, anywhere. Our training comes in High Resolution AVI, iPod and mp3 formats to give you a number of choices in how you want to study and train.

Our training also comes with MeasureUp exam prep software, to fully prepare for the exam and the real world.

Palaestra Training creates IT Certification Training videos for Information Technology professionals looking to achieve Microsoft, Cisco or CompTIA certifications as well as people looking to learn new skills. 

We’re pleased to announce that we now offer the award-winning MeasureUp exam simulation software with most of our training titles.

We include a full copy of MeasureUp’s award-winning exam prep software with most of our training titles.  This allows us to provide students with the best possible training experience.

MeasureUp has been a long time favorite among IT professionals and was awarded Redmond Magazine’s Preferred Product award as well as being a CertCities Reader’s Choice Awards finalist. 

Palaestra Training President, Christopher Rees states,  “MeasureUp’s exam preparation software is a great addition to our product offerings, and a perfect compliment to our already solid training.  Students are assured of getting the best training at a great price, now with the addition of exam prep tools to make sure they’re able to apply what they’re learning.”

Even in today’s economy, IT professionals continue to be in high demand and this trend is likely to continue for the next decade.  Our Computer Training Videos allow you to learn anytime, anywhere at your own pace.  Now is the time to invest in yourself and learn the skills that will make the difference in your career.

For more information, visit us online at www.PalaestraTraining.com

Every few years it seems like a massively virulent worm makes its way around the internet, and certainly this year is no exception.  The worm that everyone has been talking about the last few weeks is the Conficker Worm (Conficker.C to be precise, as this is the third variant of this worm).  This little piece of code does a lot to hide itself and takes advantage of a flaw in unpatched Windows systems.  It has the potential to be very nasty and can quickly spread around a network (and beyond) if left unchecked. 

Over 15 million PCs have reportedly been infected, and all of these suspected infections are supposed to kick in and “phone home’” on April 1st.  What happens when all these machines start phoning home?  No one knows for sure since it hasn’t happened yet, but the general consensus is that one goal may be to create a giant distributed computing environment that can be used for many different purposes; from spamming to snooping, collecting data, logins and passwords, sensitive information and so forth.  Another potential use would be a large-scale Distributed Denial of Service attack (DDOS attack).

Most of the Anti-Virus companies out there have been talking about conficker for weeks or more, and offer ways to keep your systems updated.  Make sure whatever anti-virus package you use, you keep updated.  Also install all the latest patches and/or service packs for your operating system (Mac users don’t have to worry about conficker unless you’re running Windows in a virtual machine or dual booting (i.e. bootcamp)).

Another great weapon against worms like conficker is the free DNS service called OpenDNS (www.opendns.com).  We’ve talked about OpenDNS before and how it can keep your browsing safer and more secure.  They’re an excellent service that enables you to fine tune your DNS and control what your users (or children) can and can’t get to.

OpenDNS has been actively updating their blocklist to include all the domains conficker may try to contact.  Worms like conficker, once activated, contact sites on the internet to get further instructions on what do to, where to go, etc.  Conficker.C supposedly generates some 50,000 domain names a day so trying to keep up with your own blocklist by hand would be a daunting, if not impossible task.

That’s one of the beautiful things about OpenDNS, is that they keep those blocklists updated for you.  By blocking access to those domains at the DNS level, you can effectively shut out any possibility (or most possibilities) of the worm actually being able to do anything.

So to protect yourself, some things to consider:

1. Update your anti-virus programs as soon as possible
2. Ensure real-time scanning is enabled on your Anti-Virus programs
3. Install all hotfixes, patches and updates
4. Turn on firewalls if appropriate (at the router or perimeter as well as individual machines – Again, do so where appropriate and make sure doing so doesn’t break any critical applications or connectivity)
5. Utilize a service like OpenDNS that blocks the vast majority of threats like the Conficker worm at the DNS level

Following these steps can go a long way to preventing the spread of worms, viruses and other general nuisances.

If you have a method or tool you use to keep your networks safe, please feel free to share!

Over at ZDNET.com, they have a new post reviewing the newly leaked 7057 build of Windows 7.  While not the official Release Candidate 1 (RC1) build, they [and other sites] claim the UI has been cleaned up quite a bit, new themes and avatars added, and other graphical polishings that would would lead one to think the Release Candidate is right around the corner.

Others have posted some new screenshots, updates and information on the new build as well, including Paul Thurrott’s Windows Supersite.  Paul’s website is a wealth of information on all things Microsoft and definitely worth checking out if you haven’t been there before.

What does this mean in the grand scheme of things?  Basically it means the Release Candidate (RC1) is getting closer (rumor has sometime in April) and each successive leaked release gives you a closer hint at how this new OS is going to perform.

As an IT professional, it’s always good to get a jump on what’s coming down the pike so you can test things like application, driver and component compatibility.  At this stage a beta doesn’t really help in those areas, but it does prepare you with regard to the overall look and feel, where things are located, nuances with the user interface, imaging requirements, tweaks, etc. 

I haven’t had time to really spend with the new build, but I wanted to let everyone now about it and also get some feedback.  If you’ve been using it (or any Windows 7 build) leave a comment and let everyone know your thoughts.

• Do you like Windows 7 compared to Vista or Windows XP?
• Are you planning on upgrading your personal computer, or if you’re an IT person – upgrading your company
• What enhancements would you like to see that aren’t there?

Palaestra Training is pleased to announce that we have a new trainer joining the company.  Koren Archibald, a Cisco Certified Instructor and Cisco Security expert will be bringing her vast knowledge and expert training skills to our Cisco CCNA: Security video training series scheduled for release in mid-May 2009.

Koren has been training and consulting in the most dynamic environments for over 10 years. She has worked and trained people across a wide spectrum of industries including government, commercial, secure, and extremely large network infrastructures. Koren is also a Microsoft Certified Trainer and consultant with a remarkable ability to convey information clearly and creatively in a technical environment.

She is the president of Wise Technical Innovations in Norfolk, Virginia and her company specializes in the following:

• Creating Cisco secure environments
• System Center Configuration Manager 2007
• SMS
• Project Server 2007 deployments in multi-site environments.

She is well-known for providing tailored solutions that are a perfect blend of training and consulting and Palaestra Training is excited to be able to provide that perfect blend of technical expertise and engaging presentation skills to our students and customers.

Other certifications Koren holds:

• Cisco Certified Systems Instructor #30837
• Cisco CCNA
• Cisco CCNP
• Microsoft MCSE on 2003, 2000 and NT 4.0
• Microsoft Certified Trainer (MCT)
• MCTS Windows Server 2008 Active Directory & Applications Infrastructure
• MCTS Windows Server 2008 Network Infrastructure & Windows Vista
• MCTS Microsoft Office Project 2007
• IT Project+
• Network +

I recently ran into an extremely annoying situation on two different computers, and strangely enough, two different operating systems.  One was a Windows Vista desktop and the other an Windows 2003 Terminal Server.

Every time I would launch Microsoft Word, it would crash upon exit.  I tried a number of recommendations from various tech websites, but nothing did the trick.

Finally I came across the fix, which was to fire up the good old registry editor (start > run > regedit) and delete a specific key in the registry.

The offending key is the DATA key under the following location:

HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Word\

The “12.0” will vary depending on what version of Office you have installed.  Backup your registry first (anytime you work with the registry, back it up before you do anything…..  Just in case..).  Super important.  Hopefully you never need it, but it can save your rear-end should you ever need to revert back if something goes wrong.

Once you’ve “backed that thang up”, delete the “Data” key and fire Word back up.  Once I did that, Word started without a hitch and shutdown without a problem.  Hopefully this quick fix helps you as well!

Please leave a comment and let me know how you made out!

Cisco CCNA Videos – Inter-VLAN Routing

One of our most popular Cisco CCNA Training videos, and one of the most viewed Cisco CCNA training videos on YouTube!

Aaron Wall, SEO superstar and owner of www.seobook.com has just released the panacea of SEO tools that adds a wealth of SEO information to your Firefox browser.

Combining the best of breed tools for research and discovery, this is one toolbar you’ll want to add to Firefox if you’re serious about SEO.  I replaced my Google toolbar with this one (the only thing I really used the Google toolbar for was to get a quick glance and a site’s PageRank) and a link to gmail.

The toolbar provides a very robust toolset, but also provides a built-in RSS reader already populated with many popular SEO RSS feeds.

To really get a feel for all this toolbar has to offer, check out Aaron’s site and description of the toolset.  I think you’ll find it a huge timesaver when researching and comparing one site to another, against competitors, etc.  I will post another review of the toolbar and how it’s helped us once I’ve had a week or two to use it and dig into the power it provides.  Thanks Aaron for another great contribution to the SEO community.

Internet Safety is an important part of the digital age for anyone that has children old enough to be surfing the internet.  This doesn’t just mean connecting to the internet through the family computer.

There are a multitude of ways to connect to the internet these days, from internet-enabled cell phones, online games, gaming consoles (xbox, xbox360, Wii, PS3, etc).  Additionally, it doesn’t necessarily protect you simply because you have strict rules in your house or you monitor what your children do. 

For example, you might have strict internet usage polices at home, but that doesn’t mean the neighbor’s do as well.  That doesn’t mean your child wont be able to access the internet unrestricted at a friend’s house.  With WiFi hotspots practically everywhere, a child with a laptop can connect virtually anywhere if they exhibit a little persistence.

Read the rest of this entry »