http://www.zdnet.com/pccomp/stories/all/0,6605,392297,00.html
PRODUCT REVIEWS
A Hacker's Worst Nightmare
Christopher Null
March 10, 1999
Stop Internet intruders in their tracks
You don't really want to share your customers' credit card numbers with
every hacker on the Internet, do you? If your network is connected to the
Internet and protected only by a firewall, you might be leaving your
business--and your customers' accounts--wide open to data pirates. A
firewall is good first line of defense, but it's probably not enough to
keep out persistent intruders. We tested three new antihacker tools and
found a wide range of useful and not-so-useful utilities that help you
plug the holes on your network.
Internet Security Systems Internet Scanner 5.6 is an exhaustive utility
that simulates more than 450 types of network attacks, then presents
comprehensive reports about the state of your network. Internet Scanner
is a mainstay with security experts, but it's also deceptively simple to
master.
Internet Scanner predefines several attack simulation packages--typically
called scans--ranging from simple scans to special scans for testing
router security. The simulated attacks are varied, including Windows NT-
specific attacks, mail server vulnerability checks, and denial-of-service
attacks (such as the Ping of Death). With all these tests, you'd think
Internet Scanner would have to run overnight to get results. Not so. A
complete scan with all tests on two systems took only 11 minutes to run.
Internet Scanner's new SmartScan feature keeps track of the results each
time you run it and uses that information to intelligently poke holes in
your network, much like a hacker who keeps track of previous successes and
failures. Altogether, it's the brainiest way to examine your network
security.
Heal Thyself Netect's HackerShield 1.1 is a relative newcomer to the
security scene, and it's still growing up. HackerShield strives to be a
comprehensive network analysis tool, but it falls far short in scope and
power. The product contains roughly 250 checks, substantially fewer than
the competition. And every time we tried running a full-network scan, it
froze in midtest because of its own denial-of-service attacks. We never
did get complete results, but with 120 checks activated, it took a long 25
minutes to scan two systems.
HackerShield does have its pluses. Its RapidFire updates are periodically
available on Netect's Web site, and downloading them expands the number of
attacks HackerShield simulates (about 50 are available each month).
HackerShield also automatically fixes some problems, whereas with Internet
Scanner you have to patch all the holes yourself. For example, both tools
will find that your server allows an administrator password, but only
HackerShield will fix it for you. Unfortunately, the autofix option worked
on only 15 percent of the problems we unearthed in our tests.
Rich Man's Expert Say you've patched all the holes you can, but you still
want to estimate the damage should a hacker make it through and abscond
with valuable trade secrets. L3 Network Security provides the solution in
Expert 3.0, a sophisticated network mapping and risk analysis system.
Unlike the other two products, Expert 3.0 doesn't actually test the
security on your network. Instead, you build a network map yourself
(Expert automates much of this process) and define the threats from
outside--and inside--the organization. Expert then provides detailed,
customized reports about threat and risk levels.
Expert works hand-in-hand with your antihacker software and firewall to
help you plan for the worst contingency, but its $9,500 price is steep.
Even though this includes two days of offsite training, you'll likely find
you have more affordable ways to map your network (with Visio) and crunch
numbers (with Excel).
Internet Scanner 5.6
Rating: Four Stars
Verdict: The most comprehensive security package on the market.
Pros: Exhaustive feature set; fast.
Cons: Pricey; cryptic descriptions.
Starting at $2,795 est. street price / Internet Security
Systems / (678) 443-6000
Expert 3.0
Rating: Three Stars
Verdict: A fancy way to map your network and analyze its risks.
Pros: Makes risk analysis simple.
Cons: Expensive for the features.
$9,500 est. street price / L3 Network Security / (888) 280-7475
HackerShield 1.1
Rating: Two Stars
Verdict: The antihacker tool with lots of hand-holding.
Pros: Automatically fixes some holes.
Cons: Slow; not comprehensive.
$695 per server est. street price / Netect /(888)
263-8328
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Hacker News Network [www.hackernews.com]
Received on Sat Apr 3 10:56:23 1999