http://www.zdnet.com/pccomp/stories/all/0,6605,392297,00.html

PRODUCT REVIEWS

A Hacker's Worst Nightmare
Christopher Null
March 10, 1999

Stop Internet intruders in their tracks

You don't really want to share your customers' credit card numbers with every hacker on the Internet, do you? If your network is connected to the Internet and protected only by a firewall, you might be leaving your business--and your customers' accounts--wide open to data pirates. A firewall is a good first line of defense, but it's probably not enough to keep out persistent intruders. We tested three new antihacker tools and found a wide range of useful and not-so-useful utilities that help you plug the holes on your network.

Internet Security Systems Internet Scanner 5.6 is an exhaustive utility that simulates more than 450 types of network attacks, then presents comprehensive reports about the state of your network. Internet Scanner is a mainstay with security experts, but it's also deceptively simple to master.

Internet Scanner predefines several attack simulation packages--typically called scans--ranging from simple scans to special scans for testing router security. The simulated attacks are varied, including Windows NT-specific attacks, mail server vulnerability checks, and denial-of-service attacks (such as the Ping of Death). With all these tests, you'd think Internet Scanner would have to run overnight to get results. Not so. A complete scan with all tests on two systems took only 11 minutes to run.

Internet Scanner's new SmartScan feature keeps track of the results each time you run it and uses that information to intelligently poke holes in your network, much like a hacker who keeps track of previous successes and failures. Altogether, it's the brainiest way to examine your network security.

Heal Thyself

Netect's HackerShield 1.1 is a relative newcomer to the security scene, and it's still growing up. HackerShield strives to be a comprehensive network analysis tool, but it falls far short in scope and power. The product contains roughly 250 checks, substantially fewer than the competition. And every time we tried running a full-network scan, it froze in midtest because of its own denial-of-service attacks. We never did get complete results, but with 120 checks activated, it took a long 25 minutes to scan two systems.

HackerShield does have its pluses. Its RapidFire updates are periodically available on Netect's Web site, and downloading them expands the number of attacks HackerShield simulates (about 50 are available each month). HackerShield also automatically fixes some problems, whereas with Internet Scanner you have to patch all the holes yourself. For example, both tools will find that your server allows an administrator password, but only HackerShield will fix it for you. Unfortunately, the autofix option worked on only 15 percent of the problems we unearthed in our tests.

Rich Man's Expert

Say you've patched all the holes you can, but you still want to estimate the damage should a hacker make it through and abscond with valuable trade secrets. L3 Network Security provides the solution in Expert 3.0, a sophisticated network mapping and risk analysis system.

Unlike the other two products, Expert 3.0 doesn't actually test the security on your network. Instead, you build a network map yourself (Expert automates much of this process) and define the threats from outside--and inside--the organization. Expert then provides detailed, customized reports about threat and risk levels.

Expert works hand-in-hand with your antihacker software and firewall to help you plan for the worst contingency, but its $9,500 price is steep. Even though this includes two days of offsite training, you'll likely find you have more affordable ways to map your network (with Visio) and crunch numbers (with Excel).

Internet Scanner 5.6
Rating: Four Stars
Verdict: The most comprehensive security package on the market.
Pros: Exhaustive feature set; fast.
Cons: Pricey; cryptic descriptions.
Starting at $2,795 est. street price / Internet Security Systems / (678) 443-6000

Expert 3.0
Rating: Three Stars
Verdict: A fancy way to map your network and analyze its risks.
Pros: Makes risk analysis simple.
Cons: Expensive for the features.
$9,500 est. street price / L3 Network Security / (888) 280-7475

HackerShield 1.1
Rating: Two Stars
Verdict: The antihacker tool with lots of hand-holding.
Pros: Automatically fixes some holes.
Cons: Slow; not comprehensive.
$695 per server est. street price / Netect / (888) 263-8328