[ISN] A Hacker's Worst Nightmare

From: mea culpa (jerichoat_private)
Date: Sat Mar 27 1999 - 08:08:29 PST

    http://www.zdnet.com/pccomp/stories/all/0,6605,392297,00.html
    
    PRODUCT REVIEWS
    A Hacker's Worst Nightmare
    Christopher Null
    March 10, 1999
    
    Stop Internet intruders in their tracks
    
    You don't really want to share your customers' credit card numbers with
    every hacker on the Internet, do you? If your network is connected to the
    Internet and protected only by a firewall, you might be leaving your
    business--and your customers' accounts--wide open to data pirates. A
    firewall is a good first line of defense, but it's probably not enough to
    keep out persistent intruders. We tested three new antihacker tools and
    found a wide range of useful and not-so-useful utilities that help you
    plug the holes on your network. 
    
    Internet Security Systems Internet Scanner 5.6 is an exhaustive utility
    that simulates more than 450 types of network attacks, then presents
    comprehensive reports about the state of your network.  Internet Scanner
    is a mainstay with security experts, but it's also deceptively simple to
    master. 
    
    Internet Scanner predefines several attack simulation packages--typically
    called scans--ranging from simple scans to special scans for testing
    router security. The simulated attacks are varied, including Windows NT-
    specific attacks, mail server vulnerability checks, and denial-of-service
    attacks (such as the Ping of Death). With all these tests, you'd think
    Internet Scanner would have to run overnight to get results. Not so. A
    complete scan with all tests on two systems took only 11 minutes to run. 
    
    Internet Scanner's new SmartScan feature keeps track of the results each
    time you run it and uses that information to intelligently poke holes in
    your network, much like a hacker who keeps track of previous successes and
    failures. Altogether, it's the brainiest way to examine your network
    security. 
    
    Heal Thyself
    
    Netect's HackerShield 1.1 is a relative newcomer to the
    security scene, and it's still growing up. HackerShield strives to be a
    comprehensive network analysis tool, but it falls far short in scope and
    power. The product contains roughly 250 checks, substantially fewer than
    the competition. And every time we tried running a full-network scan, it
    froze in midtest because of its own denial-of-service attacks. We never
    did get complete results, but with 120 checks activated, it took a long 25
    minutes to scan two systems. 
    
    HackerShield does have its pluses. Its RapidFire updates are periodically
    available on Netect's Web site, and downloading them expands the number of
    attacks HackerShield simulates (about 50 are available each month).
    HackerShield also automatically fixes some problems, whereas with Internet
    Scanner you have to patch all the holes yourself. For example, both tools
    will find that your server allows an administrator password, but only
    HackerShield will fix it for you. Unfortunately, the autofix option worked
    on only 15 percent of the problems we unearthed in our tests. 
    
    Rich Man's Expert
    
    Say you've patched all the holes you can, but you still
    want to estimate the damage should a hacker make it through and abscond
    with valuable trade secrets. L3 Network Security provides the solution in
    Expert 3.0, a sophisticated network mapping and risk analysis system. 
    
    Unlike the other two products, Expert 3.0 doesn't actually test the
    security on your network.  Instead, you build a network map yourself
    (Expert automates much of this process) and define the threats from
    outside--and inside--the organization. Expert then provides detailed,
    customized reports about threat and risk levels. 
    
    Expert works hand-in-hand with your antihacker software and firewall to
    help you plan for the worst contingency, but its $9,500 price is steep.
    Even though this includes two days of offsite training, you'll likely find
    you have more affordable ways to map your network (with Visio) and crunch
    numbers (with Excel). 
    
    Internet Scanner 5.6
    
    Rating: Four Stars 
    Verdict: The most comprehensive security package on the market.  
    Pros: Exhaustive feature set; fast.  
    Cons: Pricey; cryptic descriptions.  
    Starting at $2,795 est. street price / Internet Security
    Systems / (678) 443-6000
    
    Expert 3.0
    
    Rating: Three Stars
    Verdict: A fancy way to map your network and analyze its risks.
    Pros: Makes risk analysis simple.
    Cons: Expensive for the features.
    $9,500 est. street price / L3 Network Security / (888) 280-7475
    
    HackerShield 1.1
    
    Rating: Two Stars 
    Verdict: The antihacker tool with lots of hand-holding. 
    Pros: Automatically fixes some holes. 
    Cons: Slow; not comprehensive. 
    $695 per server est. street price / Netect / (888) 263-8328
    