Tools
Several tools were discussed throughout this book. This is a brief recap of some of the tools and when you would want to use them.
Nmap
Refer to the following site: www.insecure.org
By and large, this is one of the most powerful tools available. It allows you to scan a <target> for open (or closed/filtered) ports, what services are running, and the operating system. Sometimes, it can identify with a high degree of accuracy the physical equipment running. You will want to use Nmap to determine which ports/services are available (among other things) on your server. This will give you the ability to close any ports that are not required to be open. It will also allow you to gather critical information about your server so that you can Google for vulnerabilities that affect it.
Note
Wonder what your desktop looks like? Try this Nmap tool set to see what you are showing the outside world from your desk.
Refer to: http://nmap-online.com.
The following are options you can use to scan your server to determine different attributes:
| Option | Description |
|---|---|
| -sS | TCP SYN scan |
| -sT | TCP connect scan |
| -sF | FIN scan |
| -sX | XMAS tree scan |
| -sN | NULL scan |
| -sP | PING scan |
| -sU | UDP scan |
| -sO | Protocol scan |
| -sA | ACK scan |
| -sW | TCP Window scan (not Windows) |
| -sR | RPC scan |
| -sL | List / DNS scan |
| -sI | Idle scan |
| -P0 | DO NOT PING |
| -PT | SYN PING |
| -PS | TCP PING |
| -PI | ICMP PING |
| -PB | TCP and ICMP ping |
| -F | FAST scan |
| -p | PORT range |
| --reason | Reason for port / host state |
This list, while not exhaustive, is complete enough for everyday use. Again, a strong word of caution: the use of Nmap or any other scanning tool is OFTEN frowned upon by server administrators. I STRONGLY suggest that you get their permission before scanning. Further, DO NOT use this or any other tool against a site or target computer that you DO NOT have permission to scan. Also, the use of any of these tools is completely at your own discretion and I disclaim ANY responsibility for their use on ANY computer or network. In other words, use at your own risk.
Note
Where can I learn more about Nmap?
The best place to learn for free is the excellent documentation on Fyodor's site, www.insecure.org. You can also purchase the book Nmap in the Enterprise: Your Guide to Network Scanning by Angela Orebaugh and Becky Pinkard.
Telnet
This very old and very handy tool gives you a quick way to see whether you can connect to your server at all, and on which ports.
Check for open MySQL port:
telnet <target IP address> 3306
Did you get a connection?
Use this on the telnet port as well:
telnet <target IP address> 23
Can you connect?
FTP
From your DOS command prompt, test the FTP connection. Again, a well-tuned system should not let you in and should NOT provide information about what you are connecting to. One test is to try to connect anonymously with the FTP prompt.
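The manual Telnet and FTP checks above can be repeated as one script against a server you administer. This is an added example, not code from the book: the function names, the timeouts and the 192.0.2.10 placeholder address are assumptions, and it records any banner the service volunteers, since that is the information a well-tuned system should not give away.

```python
import socket

# Ports the text checks by hand with telnet/ftp; the labels are for the report only.
PORTS_TO_CHECK = {21: "FTP", 23: "Telnet", 3306: "MySQL"}


def probe(host, port, timeout=3.0):
    """Attempt a full TCP connect, like `telnet host port`.

    Returns (state, banner): state is "open", "closed" or "filtered";
    banner is whatever the service sends before the client says anything.
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "closed", ""        # connection refused: nothing is listening
    except (socket.timeout, OSError):
        return "filtered", ""      # no answer or unreachable: likely firewalled
    with sock:
        sock.settimeout(1.0)
        try:
            banner = sock.recv(256).decode("latin-1", "replace").strip()
        except (socket.timeout, OSError):
            banner = ""            # service waits for the client to speak first
    return "open", banner


def audit(host, allowed=(), ports=PORTS_TO_CHECK):
    """Return one finding per port that answers but is not in `allowed`."""
    findings = []
    for port, name in sorted(ports.items()):
        state, banner = probe(host, port)
        if state == "open" and port not in allowed:
            findings.append({"port": port, "service": name, "banner": banner})
    return findings


if __name__ == "__main__":
    # 192.0.2.10 is a documentation placeholder; use a server you administer.
    for f in audit("192.0.2.10"):
        print(f"{f['service']} ({f['port']}) reachable; banner: {f['banner']!r}")
```

An empty result means none of the three ports accepted a connection from where the script ran; a non-empty banner on an open port usually names the product and version.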
Virus Scanning
Periodically scan your backups (gzip, tar, or zip) for viruses. This will ensure that nothing has crept into your system unannounced.
JCheck
This commercially available alerting tool should be installed on all your Joomla! sites. The cost is very low and the benefit of having a Joomla! trip wire system is invaluable.
You can purchase it at: www.ravenswoodit.co.uk.
Joomla! Tools Suite
Without a doubt, you should have this complete set of tools in your box. This powerful tool is available under GPL. It will help you to quickly diagnose permission problems on both directories and files. Additionally, it has several other features that make it a must-have such as telling you all about your environment from a single window.
Get this one today: www.justjoomla.com.au.
Tools for Firefox Users
Since you will use your browser often, adding as much protection to it as possible is key. One impressive add-on for Firefox is NoScript (v.1.6.9.3 as of the time of writing). This add-on will stop scripts from running on any site you visit until you give them permission. Once permission is granted, you needn't worry any more; it will still be in place next time. The beauty of this is that it helps stop XSS, drive-by downloads, and a whole lot more that could easily transfer to your site in an ordinary administrative moment.
Netstat
Occasionally, it's good to check your equipment for "listeners".
On your Windows box, open a command prompt and type:
Netstat
This will quickly show you all the TCP/IP sessions and other sessions currently being served up on your machine. Keeping your site safe is one thing, and making sure you don't put something on your site is another.
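Reading the listing by eye gets tedious, so the check for "listeners" can be scripted. This is an added example, not from the book: it parses the text of `netstat -an` (the `-a` and `-n` switches include listening ports and numeric addresses) and reports network-facing listeners that are not on an allowlist. The sample output, the function names and the allowlist are constructed for illustration.

```python
# Constructed sample of Windows `netstat -an` output (not captured from a real host).
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3306           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5432         0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49712     203.0.113.5:443        ESTABLISHED
  TCP    [::]:80                [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
"""

LOOPBACK_PREFIXES = ("127.", "[::1]")


def listeners(netstat_text):
    """Return (proto, address, port) for each TCP LISTENING row and each UDP socket."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue                      # title, column header or blank line
        proto, local = fields[0], fields[1]
        if proto == "TCP" and fields[-1] != "LISTENING":
            continue                      # established or closing session, not a listener
        addr, _, port = local.rpartition(":")
        found.append((proto, addr, int(port)))
    return found


def unexpected(netstat_text, allowed):
    """Network-reachable listeners whose (proto, port) is not in `allowed`."""
    flagged = set()
    for proto, addr, port in listeners(netstat_text):
        if addr.startswith(LOOPBACK_PREFIXES):
            continue                      # bound to loopback only, not exposed
        if (proto, port) not in allowed:
            flagged.add((proto, port))
    return sorted(flagged)


if __name__ == "__main__":
    # Hypothetical allowlist: this machine is only meant to serve HTTP.
    for proto, port in unexpected(SAMPLE, allowed={("TCP", 80)}):
        print(f"unexpected listener: {proto}/{port}")
```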
Wireshark
This is a protocol analyzer tool.
Wireshark will allow you to monitor traffic on the wire. It allows deep inspection, offline review of your traces, and more.
According to the Wireshark help files, some situations in which you would use Wireshark are:
As a network administrator, use it to troubleshoot network problems.
As a network security engineer, use it to examine security problems.
As a developer, use it to debug protocol implementations.
Use it to learn network protocol internals.
Nessus
This is a vulnerability scanner.
Using Nessus, you can test your server for unpatched holes, various vulnerabilities, and exploits. This is a great tool and one you should be very familiar with. Please see its website http://www.nessus.org for more information.