Home page logo

basics logo Security Basics mailing list archives

RE: Risk analysis tools?
From: "A.G. Williams" <drew911s () yahoo com>
Date: Thu, 6 Feb 2003 09:44:45 -0800 (PST)

There are scores of risk analysis tools in the
marketplace. It greatly depends on the type of
analysis you want to perform, and the level you want
to go.

If you are looking for simple network penetration
tools, you can get those off the Internet. But it's
generally the "buyer-beware" rule. From my experience
as a former product manager for some of the leading
technologies in network and host assessment and IDS,
I'd actually recommend technologies we competed
against--some of which have gone from the freeware to
legitimate corporate-driven technologies. Tools from
SAINT and SourceFire (Marty Rousch's new company)
would be essential in your search, and if you're
interested in good network mapping and scanning, take
a good look at the NESSUS stuff, and NMap.

I also heard rumor that Dan Farmer was planning to
commercialize his COPS application. Anything Farmer
did would be top-notch quality.

Also beware of the cutesy graphic-generation tools
that show the pretty pictures of your network. They
might look good on the screen or as a background in a
NOC, but they do little to actually mend fences and
notify of events actually dangerous to your

Most of the stuff regarding "event analysis" is tied
to auditing. So be sure to look at good audit tools as
part of your risk management plans. NetForensics has
some interesting technology, but more importanly, some
good developers. Some of my friends at NetIQ say
they've got some good stuff as well--so I'd suggest
you look over the NetIQ/PentSafe tools.

But on a more "businessy" note, it's one thing to run
an application to identify risks--remember that you
need to use some form of risk management methodology
to actually address the stuff you find. That's where
the real "Intrusion Prevention" becomes more than a
marketing buzz phrase.

But most importantly, don't trust the new guys on the
block. Just because they think they created something
in a university lab, or got funding from some private
venture partner who didn't know anything about the
current trends in IT Sec technology, doesn't mean
they're making a better mouse trap.

Stick with the veterans who pioneered this stuff. It's
always best to follow the people, as the technology
can often be over- or (in most cases),

Good luck.

Drew Williams

-----Original Message-----
From: Marsman-Polhuys, Henk (fin)
[mailto:Henk.Marsman-Polhuys () ordina nl] 
Sent: Monday, January 27, 2003 2:01 AM
To: security-basics () securityfocus com
Subject: Risk analysis tools?


don't know if this is the right list to post this,
but I'm just gonna

I'm looking for some risk analysis tools or methods
that can be used in
the infosecurity process. Anyone got any
recommendations or ideas?

Rgdz, Henk

-----Oorspronkelijk bericht-----
Van: Michael Parker [mailto:mparker () rim net]
Verzonden: woensdag 22 januari 2003 20:01
Aan: David Andersson;
security-basics () securityfocus com
Onderwerp: RE: Computer Forensics

Try this...




Michael,  MCP, GSEC, BCCSA
BlackBerry Technical Support 
Research in Motion, Ltd. 
Tel: 1-877-BLK-BERRY 
Email: help () BlackBerry net 
Web: www.BlackBerry.net 

Important Notice: As of February 1, 2003, BlackBerry
customers who have
purchased through RIM will need to purchase a
technical support package
to continue receiving BlackBerry Technical Support
direct from RIM. To
learn more about this change in policy and to find
out about the
available BlackBerry technical support options,

For on-line technical assistance, please refer to
our website at the
Technical FAQ:

Paging FAQ:  

-----Original Message-----
From: David Andersson
[mailto:dlandersson () hotmail com]
Sent: January 19, 2003 11:13 AM
To: bstoneburner () wcisteel com;
security-basics () securityfocus com
Cc: atarata () bigpond net au
Subject: Re: Computer Forensics


We're experiencing an upsurge in computer forensics

Can anyone suggest any links to relevant
information, certifications,

Dave Andersson
MCT, CIW Security Analyst, CCNA


This message is the property of Time Inc. or its
affiliates. It may be
legally privileged and/or confidential and is
intended only for the use
of the addressee(s). No addressee should forward,
print, copy, or
otherwise reproduce this message in any manner that
would allow it to be
viewed by any individual not originally listed as a
recipient. If the
reader of this message is not the intended
recipient, you are hereby
notified that any unauthorized disclosure,
dissemination, distribution,
copying or the taking of any action in reliance on
the information
herein is strictly prohibited. If you have received
this communication
in error, please immediately notify the sender and
delete this message.
Thank you.

Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]