RE: The Ultimate Toolkit...

From: Steven A. Fletcher (sfletcher@integrityts.com)
Date: Fri May 07 2004 - 15:34:39 EDT


The Windows port of Nessus is called NEWT and is sold by Tenable
Security, a company that was at least partially started by the original
creator of Nessus, Renaud Deraison.

Personally, I have tried NEWT and I am not impressed. Nessus appears to
be much better and, of course, is DRASTICALLY cheaper. :)

Steve Fletcher
Senior Network Engineer, MCSE, Master ASE, CCNA
Integrity Technology Solutions
Phone: (309)664-8129
Toll Free: (888) 764-8100 ext. 129
Fax: (309) 662-6421
sfletcher@integrityts.com

Mark Melonson wrote:

> Hi all,
>
> I'm researching tools, and would like input on, what
> would be your ultimate toolkit be. I'm attempting to

For a Windows system I would certainly include Cygwin and selected
utilities - eg. Perl is a must. There's also a Windows port of dig
knocking around which is handy. Cain & Abel is nice in some
ircumstances... there's a Windows port of the Nessus /server/ but
it's commercial only. (Incidentally - how does that work when
Nessus is GPL'd?)... metasploit runs under Cygwin too.

Check the insecure.org tools list for other suggestions.
http://www.insecure.org/tools.html

Finally a selection of 'exploits du jour' is handy but of course
these change relatively quickly.

cheers

\a

-- 
Andrew Simmons
Penetration Tester | Security Consultant
MIS Corporate Defence Solutions, Ltd.
sorry about this!
The information contained in this message or any of its attachments may
be privileged and confidential and intended for the exclusive use of the
intended recipient.  If you are not the intended recipient any
disclosure, reproduction, distribution or other dissemination or use of
this
communications is strictly prohibited.   The views expressed in this
e-mail
are those of the individual and not necessarily of MIS Corporate Defence
Solutions Ltd.  Any prices quoted are only valid if followed up by a
formal written quote.  If you have received this transmission in error,
please contact our Security Manager on +44 (01622) 723410.
This email is intended for the recipient only and contains confidential
information, some or all of which may be legally privileged. If you are
not the intended recipient, you must not use, save, disclose,
distribute, copy, print or rely on this email or any information
contained within it. Please notify the sender by return and delete it
from your computer. Thank you.
------------------------------------------------------------------------
------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
any course! All of our class sizes are guaranteed to be 10 students or
less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of
in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
-------
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:53 EDT