
System admins are frequently bombarded with
security concerns, requests, alerts, news items,
“did you see this?!” emails, and more. Keeping
up with all the aspects of network security can
seem like an overwhelming task, but in this
post we’re going to look at ten tools a system
admin can use to help secure their network.
Some you may be familiar with, like network
security software, while others may come as a
surprise, like your email client; but all will help
you to stay ahead of the bad guys, keep
yourself informed of the latest threats, and
maintain the security of your network.
1. Network security software
----------------------------------
When we talk about network security software,
we’re talking about a class of product more
than any specific tool, and how important it is
for you to have an application or small group
of applications that can help you to accomplish
most of your tasks. There are simply too many
things for any one admin to do by hand, and
network security software applications help to
automate the heavy lifting and ensure that you
can keep up with the workload. Look for
network security software that multitasks.
Think about it as a Swiss Army knife of software
packages that includes many of the other items
on this list.
2. Vulnerability scanner
---------------------------
A good vulnerability scanner is a key part of
any toolkit, and should be used by server
admins and security engineers alike. The top
network security software apps will include a
scanner that has a database of the thousands of
vulnerabilities that could exist on your
network, so that you can quickly, easily and
regularly scan your network to ensure your
systems are up-to-date, configured properly
and secured.
3. Port scanner
------------------
A port scanner is another regular tool that
should be in your network security software
application. Attackers regularly scan your
Internet connection looking for ways in and so
should you. But you should also scan internally
so you can find unauthorized services or
misconfigured systems, and to validate your
internal firewalls are set up correctly.
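
As an added illustration (not code from the original post), the internal check described above can be reduced to comparing what actually answers on a host you administer against an approved-services baseline. The baseline, candidate port list and function names are hypothetical.

```python
import socket

# Hypothetical baseline: the TCP ports each of your own hosts is approved to expose.
BASELINE = {"127.0.0.1": {22}}
# Hypothetical list of ports worth checking on every host.
CANDIDATES = [21, 22, 23, 80, 443, 3389]


def open_ports(host, ports, timeout=0.5):
    """Return the subset of `ports` that accept a TCP connection on `host`."""
    found = set()
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            # connect_ex returns 0 when the three-way handshake completes.
            if s.connect_ex((host, port)) == 0:
                found.add(port)
    return found


def audit(host, approved, candidates, timeout=0.5):
    """Compare observed listeners with the approved set for one host."""
    approved = set(approved)
    observed = open_ports(host, set(candidates) | approved, timeout)
    return {
        # Listening but not approved: unauthorized service or firewall gap.
        "unauthorized": sorted(observed - approved),
        # Approved but not reachable: service down or firewall too strict.
        "missing": sorted(approved - observed),
    }


if __name__ == "__main__":
    for host, approved in BASELINE.items():
        print(host, audit(host, approved, CANDIDATES))
```
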
4. Patching software
------------------------
Patching operating systems and third party
applications is one of the most important,
regularly recurring tasks a sys admin has.
Network security software that can automate
this, and handle the hundreds of other
applications on your network, is the only
realistic way you can keep up with this.
5. Auditing software
-----------------------
Auditing software may strike you as a strange
recommendation at first, but consider all those
apps you are trying to patch. How can you be
sure you have no vulnerabilities on your
systems if your users can install anything on
your systems? How are you going to maintain
licensing compliance if you don’t know who has
installed what software? Network
security software may also include software
and hardware inventory components to help
you stay informed and secure.
6. Secure remote clients
-----------------------------
Telnet, older versions of pcAnywhere and
several of the web-based remote access apps
that are out there all have a common issue -
they’re not secure. Use SSH v2 or later for
secure access to all CLI-based systems, and the
most secure versions of Remote Desktop
Protocol to manage Windows boxes. Using
strong encryption, good passwords, lockout
policies and, when possible, mutual
authentication between client and host, will
help to ensure no one sniffs credentials or
brute-forces their way into a system. If you
have two-factor authentication in your
environment, ensure that every system possible
uses it to further reduce your risk from
unauthorized access.
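
The advice above can be checked mechanically. This added example (not from the original post) audits OpenSSH server configuration text for three settings that contradict it: legacy protocol 1, empty passwords, and a generous retry limit. The sample configurations are constructed and the retry threshold is an assumed site policy.

```python
import re

# Constructed samples, not taken from a real host.
SAMPLE_WEAK = """\
# legacy settings
Protocol 2,1
PermitEmptyPasswords yes
MaxAuthTries 10
"""
SAMPLE_HARDENED = """\
Protocol 2
PermitEmptyPasswords no
MaxAuthTries 3
"""

MAX_TRIES = 4  # assumed site policy; OpenSSH's own default is 6


def parse_global(text):
    """Return keyword -> value for the global section of an sshd_config."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()  # keywords are case-insensitive
        if key == "match":      # conditional blocks are out of scope here
            break
        # sshd uses the first value it obtains for each keyword.
        settings.setdefault(key, parts[1].strip() if len(parts) > 1 else "")
    return settings


def findings(text):
    """List the weak settings found in the configuration text."""
    cfg = parse_global(text)
    out = []
    # The Protocol keyword is only honoured by older OpenSSH releases.
    if "1" in re.split(r"[,\s]+", cfg.get("protocol", "2")):
        out.append("protocol-1-enabled")
    if cfg.get("permitemptypasswords", "no").lower() == "yes":
        out.append("empty-passwords-allowed")
    tries = int(cfg.get("maxauthtries", "6"))
    if tries > MAX_TRIES:
        out.append(f"maxauthtries-{tries}-exceeds-{MAX_TRIES}")
    return out


if __name__ == "__main__":
    print("weak:", findings(SAMPLE_WEAK))
    print("hardened:", findings(SAMPLE_HARDENED))
```
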
7. A good network analyzer
--------------------------------
Whether you like the open source Wireshark,
the free Microsoft tool NetMon, or one of the
many other commercial network analysis tools,
having a good “sniffer” is key to helping secure
and analyze systems. There is simply no way
that’s more effective to figure out just what is
going on between networked systems than to
see the traffic first hand.
8. Network tools
-------------------
Whenever you are dealing with connections
from foreign systems, you will find the need to
check network addresses, routes and more.
Having good tools like DIG, WHOIS, HOST,
TCPING and others close at hand makes
network evaluation a breeze.
9. Log parsing software
----------------------------
Securing systems means going through logs;
lots of them. Web logs, access logs, system
logs, security logs, SNMP logs, syslog logs – the
list goes on and on. Having software that can
quickly and easily parse through logs is critical.
Everyone has their favorite. Some install locally
like LogParser, while others run on servers like
Splunk. Whichever you prefer, get a good log
parser to help wade through what can be
millions of entries quickly and easily so you can
find events you need to check.
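
To show the kind of event a log parser should surface, this added example (not from the original post) scans sshd authentication lines for bursts of failed passwords from one source, and for a successful login from that source afterwards. The log lines are constructed; the threshold, window and year are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in the usual syslog/sshd layout (documentation IP ranges).
LOG = """\
Jan 10 03:12:01 host1 sshd[1234]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2
Jan 10 03:12:05 host1 sshd[1235]: Failed password for root from 203.0.113.7 port 51240 ssh2
Jan 10 03:12:09 host1 sshd[1236]: Failed password for root from 203.0.113.7 port 51244 ssh2
Jan 10 03:12:30 host1 sshd[1237]: Accepted password for alice from 198.51.100.4 port 40000 ssh2
Jan 10 03:13:40 host1 sshd[1238]: Failed password for bob from 198.51.100.9 port 40100 ssh2
Jan 10 03:14:00 host1 sshd[1239]: Accepted password for root from 203.0.113.7 port 51300 ssh2
Jan 10 09:00:00 host1 sshd[1301]: Failed password for bob from 198.51.100.9 port 40200 ssh2
Jan 10 09:05:00 host1 sshd[1302]: Failed password for bob from 198.51.100.9 port 40300 ssh2
"""

PATTERN = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def detect(lines, threshold=3, window=timedelta(seconds=60), year=2024):
    """Return (alert, source_ip, user) tuples in the order they occur."""
    recent = defaultdict(deque)  # source IP -> timestamps of recent failures
    flagged = set()              # sources that already triggered an alert
    alerts = []
    for line in lines:
        m = PATTERN.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year, so an assumed one is supplied.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip, q = m["ip"], recent[m["ip"]]
        while q and ts - q[0] > window:  # drop failures outside the window
            q.popleft()
        if m["result"] == "Failed":
            q.append(ts)
            if len(q) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append(("brute-force", ip, m["user"]))
        elif ip in flagged:
            # A success from a source that was just guessing needs review.
            alerts.append(("login-after-brute-force", ip, m["user"]))
    return alerts


if __name__ == "__main__":
    for alert in detect(LOG.splitlines()):
        print(alert)
```
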
10. Your email client
------------------------
Knowledge is power, and the best way to amass
that knowledge is to stay informed. Whether
you subscribe to email bulletins, security alerts,
or RSS feeds, your email client can provide you
the first indications that something new is out
there, and also what you need to do to protect
your systems from the threat. Zero day
exploits, out of band patches, best practices
and more, can all be yours if you simply join
the right distribution lists and subscribe to the
right lists.
These 10 system admin tools are a great start
towards building your toolkit for security.
Network security software plays a major role in
this toolkit, which you supplement with other
tools and the information you need to maintain
a secure environment.