Some Network Security Tools I Have been Practicing On
1.?????Virtual Box with Kali Linux
The Oracle VM VirtualBox base package should be downloaded only from a trusted source, for instance the official website https://www.virtualbox.org. The integrity of the package should be verified with the provided SHA256 checksum which can be found on the official website.
The installer can be used to turn off Python language binding, host-only networking, bridged networking, and USB support on Windows hosts. All of these functions are by default active, although it may be necessary to disable some of them if no virtual machine needs the corresponding functionality. Only if the Oracle VM VirtualBox API is to be utilised by outside Python programmes are the Python language bindings necessary. Windows kernel drivers must be installed on the host in order to support USB and the two networking modes in particular. Therefore, removing those chosen features can be used to limit the user to particular capabilities as well as to reduce the surface an attacker might have access to.
The general case is to install the complete Oracle VM VirtualBox package. The installation must be done with system privileges. All Oracle VM VirtualBox binaries should be executed as a regular user and never as a privileged user.
The Debian-based Linux system Kali Linux was developed for penetration testing and is especially useful for both experts and novices in the field of security. Numerous network auditing tools and applications are included with Kali Linux, previously BackTrack Linux. However, it is not advised to use Kali as a general-purpose desktop operating system. Kali can be installed as a host operating system (OS) on a computer like any other Linux. However, utilising Kali does not store settings after a system reboot; this is where virtual machines come in very handy.
I enjoy using virtual box and have used it quite a bit.
I see the following benefits in:
VirtualBox VMs can be readily copied. After customising a virtual machine, you can duplicate and multiply that image.
They are a great testing ground for new ideas because you can easily clone them. No issue, just destroy the VM and build a new one if you break it.
Some applications don't get along with other applications. For instance, certain VPN applications can limit system-wide Internet access. These applications can be simply logged in and out while running on a virtual machine.
Many chores, such as seamless mouse and copy-paste integration, will be easier if you install Virtual box guest extensions. Additionally, virtual box makes it simple to connect to the internal network of the host in order to share resources.
Virtual machines are a lifesaver for Linux users. A developer must have been Linux OS. However, Linux does not provide user interaction like Windows OS does. Without restarting our computer, we won't be able to change the OS; however, Virtual Manager can be set up on Linux. It enables us to run Windows OS in a virtual environment on our Linux system. The user can start the Windows operating system using the virtual machine just like it was an app.
Kali Linux installed on the Oracle Virtual Box
2.????Cisco Packet Tracer
Network administrators and students may experiment with the behaviour of Cisco network devices using Packet Tracer, a highly helpful Cisco network simulation tool.
Packet Tracer simulates network equipment such as switches, routers, and other associated hardware. In reality, Packet Tracer is an excellent tool when a lab-based scenario involving the exchange of routes across routing protocols across several Layer 3 Networking devices is needed. Packet Tracer's user interface is rather intuitive and enables dragging and dropping of things from the item display part to the main simulation window.
This makes it simple to add or remove network devices in the future. This simulation tool is a learning programme that is primarily targeted at CCNA enthusiasts who wish to work with real Cisco-based labs in a virtual setting.
To practise networking, Internet of Things, and cybersecurity skills, Cisco offers Cisco Packet Tracer, a potent network simulation and visualisation tool. The online learning environment is useful for learning courses, professional development, job planning, and other things.
As implied by the name, this programme was created by Cisco and may be used to simulate networking-related experiments. A great tool for getting first-hand experience with equipment like Cisco Routers, Switches, Hubs, and end devices like PCs, Laptops, Servers, and many others is Packet Tracer.
It supports BGP, EIGRP, OSPF, and RIP v1/v2 protocols. The newest member of the routing protocol family, BGP, debuted in version 5.3. As of right now, Packet Tracer is on version 7.3.
Due to packet tracer's rising popularity, its creators have recently made a foray into the Android and iOS mobile device markets. An alternative to Packet Tracer that focuses on mobile-friendly users is called Packet Tracer Mobile.
You can download the Cisco Packet Tracer tool directly from Cisco’s official website Cisco Networking Academy.
Cisco Packet Tracer is a software which is free to download, however, needs registration to Netacad Networking Academy (no charges associated with registration).
It is essential to register since users need to sign in with the same ID when they run the simulation.
Registration requires entering your “First Name”, “Last name” and then “email address”. After packet tracer download, you can simulate and visualize capabilities facilitating the lab testing and learning of complex scenarios and concepts.
After Installing Packet Tracer, one does not require any physical equipment.
Cisco packet tracer creates a virtual network with an almost unlimited number of devices, encouraging practise, design scenarios testing and troubleshooting.
Key Features
Packet Tracer Workspaces: Cisco Packet Tracer has two workspaces: logical and physical. The logical workspace allows users to build logical network topologies by placing, connecting, and clustering virtual network devices. The physical workspace provides a graphical physical dimension of the logical network, giving a sense of scale and placement in how network devices such as routers, switches, and hosts would look in a real environment. The physical view also provides geographic representations of networks, including multiple cities, buildings, and wiring closets.
Cisco Packet Tracer has two operating modes to visualise a network's behaviour: real-time mode and historical mode.
Real-time mode's network behaviour is as follows:
Real devices respond instantly in real-time to all network requests activities. The real-time mode offers pupils an effective substitute for genuine apparatus and enables students to practise setup prior to using actual equipment.
The user may view and control time intervals while in simulation mode. The underlying workings of data transport and how data spreads throughout a network. This aids pupils in comprehending the basic ideas behind the scenes of a network. Learning about related ideas can be accelerated with a firm grasp of network foundations.
3.????Neessus
Nessus is a remote security scanning tool that checks a computer and alerts you if it finds any flaws that might allow criminal hackers to access any computer you have linked to a network. This is accomplished by doing over 1200 tests on a particular machine to see if any of these assaults may be used to gain access to the system or cause other damage.
Who would utilise such a tool?
Nessus is a fantastic tool to aid administrators who are in charge of any computer (or group of computers) connected to the internet keep their domains free of the simple vulnerabilities that hackers and viruses frequently try to exploit.
What Nessus is NOT
Nessus is just one tiny component of a sound security strategy rather than a comprehensive security solution. Nessus is merely a programme that scans your systems for weaknesses that hackers COULD use; it does not actively prevent assaults. The system administrator is responsible for patching these vulnerabilities to form a security solution.
Nessus: Why?
You might be asking what benefits Nessus offers over other network vulnerability scanners if you are familiar with them. Important points include:
Nessus, in contrast to other scanners, doesn't make assumptions about your server setup (such thinking that port 80 must be the sole web server), which might lead other scanners to overlook actual vulnerabilities.
- Once you become more accustomed to the tool, Nessus is quite expandable and offers a scripting language enabling you to develop tests particular to your system. It also has a plug-in interface, and the Nessus plug-in website offers a tonne of free plug-ins. These plugs frequently focus on identifying a particular infection or vulnerability.
- Current details on fresh vulnerabilities and assaults. In order to reduce the time between an exploit being in the wild and you being able to detect it using Nessus, the Nessus team regularly refreshes the list of vulnerabilities to check for.
- Open source. Nessus is free and open source; thus you are allowed to view and alter the source code as you choose.
- Patching Assistance: Nessus frequently has the ability to recommend the best course of action for mitigating a vulnerability when it is discovered.
What Nessus Does
Understanding how various services (such as a web server, SMTP server, FTP server, etc.) are accessible on a distant server is required in order to understand how Nessus and other port-scanning security solutions operate. A high-level protocol that is securely conveyed by a TCP stream is used to carry the majority of high-level network traffic, including email, web pages, etc., to a server. A computer separates its physical connection to the network into thousands of logical pathways, known as ports, to prevent various streams from interfering with one another. Accordingly, you would connect to port #80 (the default HTTP port) on a particular system to communicate with a web server, but you would connect to port #25 on the same machine to communicate with an SMTP server.
There are thousands of ports on every computer, and some or all of them may or may not have services (such as servers for certain high-level protocols) listening on them. Nessus checks each port on a computer, identifies the service that is running on it, and then checks this service for any vulnerabilities that may be exploited by hackers to launch a hostile attack.
Nessus is referred to be a "remote scanner" since it can test a machine without installing itself on it. Instead, you may install it on only one machine and test it on as many as you like.
Installation:
Nessus consists of two components: a client that you may choose from and a server named nessus. The client is used to instruct the server which tests to perform on which machines. The server is the component of Nessus that executes the tests. Only Unix/Linux platforms are supported by the server, although clients for Windows, Mac, and Unix/Linux are also offered. Therefore, an administrator may perform regularly scheduled Nessus tests using a client created for practically any platform after the server is installed and operational.
Go to www.nessus.org to download the most release of Nessus.?As of this date, the current release can be found at https://www.nessus.org/nessus_2_0.html along with extremely simple installation instructions.?This will install the Nessus server app and a client on the unix based machine (note: this includes Mac OS X and above with developer tools installed).?After installing the server, you will have to do a couple quick configuration options, such as adding a user, described here: https://www.nessus.org/demo/first.html.
To download and install a Windows client, look at: https://nessuswx.nessus.org/