Think like a hacker: the best scanning tools
A curious change has come over the image of computer security in the last few years. Whereas headlines once screamed the exploits of allegedly evil hackers, the story now is all about bad code -- unpatched software, poorly secured firewalls and computer passwords left in plain sight. The hackers are not the real culprits; the security holes are.
It might be our maturation as a high-tech society, but such a shift in perspective marks a coming of age for network administrators after more than a decade of trying to secure client-server and Internet computing. A new set of tools, collectively called vulnerability assessment, is educating sysadmins about ways to close holes in networks before a hacker even finds them, let alone plans an attack. With widely circulating estimates claiming that up to 90 percent of computer security breaches can be avoided, such tools might represent a CIO's best chance to assess the level of security in his or her enterprise and determine how to improve it.
[ Read more ]