Golden Guardian award runners-up present some encouraging news in security field

www.infoworld.com |  Operating Systems

Infoworld's Golden Guardian award recognizes the outstanding work of
security
product vendors for their efforts in delivering valuable security products to the
public. But frequently we come across products that don't fit the traditional mold of
full-blown commercial security tools.
This week we highlight those products, which include freeware, shareware, and
nonsecurity products -- all of which can be used to secure your networks.

As security consultants, we are married to our laptops. But traveling around the
world with two six-pound "lappies" (one for Windows NT/NetWare and one for Linux) and
30 pounds of accompanying hardware can put severe crimps in our necks, not to mention
our airport gate dashes. But the rocket scientists at VMware ( href="http://www.vmware.com" target="_new">www.vmware.com) have developed what may
be the most
remarkable software we've seen in years. The product is called VMware, and it allows an
NT virtual machine to run within Linux, and vice versa. With VMWare, we no longer have
to whip out both laptops to perform an NT and a Unix review. Instead, we can perform
complete security assessments of Unix, NT, even NetWare environments -- all from a
single machine. The benefit to us road warriors is enormous.

But there are other uses of VMware in security: The product can be used as a "honey
pot," tempting those wily attackers into your NT lair, yet all the while running under
Linux. With sufficient logging and monitoring of the activity on the NT partition, one
could track and record the activities of the attacker and store them on the Linux
system by sending them via syslog to the Linux IP address. And the "undoable disk"
feature of VMware allows you to back off the changes made after the attack, starting
fresh for the next victim. Unfortunately, you cannot review the actual changes made to
the partition.

This function would be an enormous resource for later forensic analysis. The only
other concern we have about the product will likely disappear with time and ever-
decreasing hardware prices: The guest operating system performs fairly slow when using
the virtual 2GB hard-drive option. Although not intended as a security product, VMware
does offer the functionality to dramatically increase your security endeavors.

Another company worthy of Golden Guardian mention is SolarWinds ( href="http://www.solarwinds.net" target="_new">www.solarwinds.net). We have written
about
SolarWinds in past columns, and we use their products religiously during assessments.
We consider the IP Network Browser to be the definitive SNMP discovery and enumeration
tool available for NT. SolarWinds also produces an entire suite of network management
tools, including a Cisco router password decryptor and configuration file
downloader.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Spotlight on ...
Online Training

    Upgrade your skills and earn higher pay

    Readers to share their best tips for maximizing training dollars and getting the most out self-directed learning. Here’s what they said.

     

    Learn more

Operating SystemsWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness