One essential tool for network security auditing is a port scanner. This probes the network in an effort to locate computers and other network devices which are switched on and which are responding to network requests.
This allows you to discover, among other things, web servers, mail servers, FTP servers and more. If it is open to incoming traffic then a port scanner ought to find it.
One popular fast and friendly port scanner is Angry IP Scanner. It is simple to use and rates among the top 100 network security tools according to hacker Fydor.
Now, let’s not delude ourselves. It comes in a Windows and a Linux client (and a Mac version too.) Anything I tell you about how wonderful it is Linux lets you scan ports will equally apply to Windows.
With one subtle difference.
From the Angry IP Scanner FAQ we read, “Why is scanning so slow on Windows?” The very same FAQ answers that Microsoft have deliberately crippled down consumer versions of Windows from Windows XP service pack 2 onwards. This includes every single release of Windows Vista.
What happens is that Windows deliberately limits the number of simultaneous network connection attempts your computer may perform. This is known as “rate limiting” and the official word from Redmond is that this was implemented to limit the troubles caused by virus-affected Windows computers, meaning they can only spread online mischief like virus and spam and Trojans a fraction as fast as they could before rate limiting was implemented.
Too bad for the smart and secure Windows users. To bad for the legitimate network auditor. In direct recognition that Microsoft Windows is a tragically insecure operating system, Microsoft limit the activities of genuine users in an attempt to mitigate the consequences of so many insecure Windows boxes!
As you might imagine, this limitation affects the myriad of BitTorrent users so that community have determined solutions for Windows XP and Windows Vista.
The solution is not nice; it involves manually editing important system files, or trusting other “kind” people to supply an appropriately-modified system file, and making registry tweaks.
Even then, the fix isn’t permanent. The next official patch to come along which upgrades the relevant system files will undo your work.
You’ll find the same story over most network security tool websites, and sometimes for other reasons. Wireshark, the popular packet sniffer which began life as Ethereal, comments that their software needs an extra module loaded if you want to run as a non-privileged user under Vista.
The short of it is – sure, you can sniff and probe and scan and analyse a network using Windows. But if you want to do it quickly, you want to do it well, you want to do it without any fuss – then Linux is the OS for you.
Yes, Windows users, I hear you say - "I didn't know you could do that in Linux!"
Smack, crack, hack and track any network with Linux (not Windows)
RECRUITMENT & RETENTION REPORT 2013
HIRE OR FIRE? BUY OR BUILD2013 is well underway and Australian companies need to know whether they should invest in IT skills training or pay a premium for the people they need.
If you want to know which choices are being made in your sector, what skills are hard to find, which sectors intend to hire or fire and where the IT spend is going, this free report is must have.
David M Williams
David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. Within two years, he returned to his alma mater, the University of Newcastle, as a UNIX systems manager. This was a crucial time for UNIX at the University with the advent of the World-Wide-Web and the decline of VMS. David moved on to a brief stint in consulting, before returning to the University as IT Manager in 1998. In 2001, he joined an international software company as Asia-Pacific troubleshooter, specialising in AIX, HP/UX, Solaris and database systems. Settling down in Newcastle, David then found niche roles delivering hard-core tech to the recruitment industry and presently is the Chief Information Officer for a national resources company where he particularly specialises in mergers and acquisitions and enterprise applications.
