In the era of total connectivity in which we live getting 100% security is simply impossible. But it is possible (and necessary) to adopt the Measures that can significantly reduce the possibilities of suffering computer attacks And with that improve the safety of the network of an office, home or small business office. Ensuring our equipment and networks is important; Simply the attackers will go to other simpler goals.
How to improve an office network security
Although there are measures to combat the most widespread threats such as phishing or ransomware, which are adequate as general protection for all types of organizations, there is another cybersecurity strategy that use more advanced users and systems administrators and that opts for get ahead of eventstesting the safety of networks just like an attacker would do.
That is the objective of those known as ‘penetration test’: to advance to the potential cyber attacks using precisely the same tools that the ‘bad’ use. The vulnerabilities test with this type of tools on own networks has notable advantages since We can identify which areas are the “weak points” of the network and correct them before others are discovering and exploiting them.
We leave you some of the best tools of this type, not without indicating the corresponding legal notice of using them only in their own networks or with express permission for those of third parties:
Wireshark
A de facto standard that has been among us for more than twenty years and that the oldest of the place will remember as Ethereal. It is used equally in companies, education system or homes as a sniffer, Packhaw capturerdesigned for the analysis and resolution of network problems, software and development of communications protocols.
It allows visualizing the activity of users in the network and “strange” captured traffic related for example to a Trojan. It works on Ethernet networks, IEEE 802.11 or PPP and the captured data can be consulted through a user graphic interface or a command line terminal. Wireshark is free and open source, available for Windows, Macos, Linux, Freebsd and others.
Nessus
Originally open source, later it became private software, but it is still free for domestic users with test for seven days. Self -publishing like the Vulnerabilities scanner More popular on the Internet, used by more than 27,000 organizations worldwide. Nessus looks for open ports and tries attacks with various known exploits.
For audit uses on its own domestic network, the “Unsafe test” option must be deactivated so as not to corrupt the system. It works in Windows, Mac OS X and Linux, and can be executed on a domestic computer, in the cloud or in a hybrid environment.
Nmap
Even more long than Wireshark and equally interesting, this Network Mapper is one of the essential applications for systems administrators and at the same time one of the fixed for hacking. Is used to perform penetration testidentify the open ports or the services that are being executed, offers the computer response to a ping, and in general, it allows to audit the safety of a network and the possible vulnerabilities.
Its popularity is such that we saw her running in several films such as The Matrix Reloaded or Battle Royale. Free and open source, NMAP works in Linux, Windows and Mac OS X.
Nikto2
It’s a Web servers scanner which analyzes more than 6,700 potentially dangerous files or programs and 1,250 web servers. It also verifies the server configuration elements, such as the presence of multiple index files, the HTTP server options, and will try to identify the web servers and the installed software. Scanning elements and accessories are frequently updated and can be updated automatically.
Useful taking into account that computer pirates have put web servers in their retina as a network entry method, taking advantage of unsafe implementations or obsolete Apache servers. Nikto2 is free and open source and can be downloaded from its repository in Github.
Ettercap
One of the most complete applications to detect attacks man-in-the-middle in the domestic network or in any LAN. It is an infiltration technique widely used by cybercriminals as we saw in large attacks such as Logjam, the critical vulnerability that affects the TLS protocol, and that allows to degrade the connections to a degree of export of 512 bits encryption to be able to decipher communications.
It works in the main operating systems and you can download it from its website.
Cain & Abel
It is a tool Password recovery For Windows operating systems. It allows to recover various types of passwords using dictionary, brute force, cryptoanalysis attacks, VoIP conversations recording, or recover wireless network keys.
Beyond its password recovery capacity was developed to be useful to network administrators, security consultants or professionals and can be used to evaluate the safety of our network. The development is discontinued, but it still works and you can download it on several Internet sites.
