July 4, 2009
Hot topics :
Free Newsletters :
IT Management
Products
Security
Identity

Redspin Security Assessment Tools

Product Watch
Free Tools Provide Basic Assessments for Firewalls, GP

IT security audit firm Redspin offers a series of free assessment tools that are accessible and/or downloadable from their Web site. The tools provide basic security assessment capabilities in the areas of firewall configurations, Linux binary analysis, and now Windows Active Directory Group Policy analysis. Some of the tools are downloadable programs that execute locally; while others operate entirely online (with analysis data uploaded and/or inputted from the customer). The new WinCAT-AD is a combination of both methods.

Tools available as of this writing include:

- FirewallCAT, which accepts as input a firewall configuration file and produces from it a graphical representation of the rules being used on the firewall, a "net result" of the firewall's ACLs. FirewallCAT is Web based, with the customer asked to upload their firewall configuration file. The tool supports Cisco PIX 6.x and 7.x file types.

- fTrace, a Linux application that dynamically traces a Linux binary (non-stripped) and prints to STDERR all local functions called by the application, as well as reports possible arguments and return values of each function. fTrace is a downloadable application.

- Crackulator, an online tool that reports the amount of time a would-be cracker (or crackers) would take to guess a password with given characteristics. The user can enter the characteristics of the crack attempt, including how many users would be attempting to crack the password, whether it has special characters, its length, and the cracking method (i.e., brute-force, rainbow tables, etc.) employed.

- WinCAT-AD, or "Windows Configuration Analysis Tools - Active Directory," is the most recently added tool to the set. It analyzes an organization's Group Policy settings domain-wide and presents a browser-generated report of the results; "...an overall snapshot of all Group Policies applied to all users/machines in the domain." To use the tool, the customer first downloads an app to run locally (Windows Server 2003), that app produces a data file that can then be re-uploaded to the online portion of the tool for the actual creation of the browser-based report.

All of the tools are currently free; though the vendor warns that they may not always be available.

Visit the Redspin site for further information.

product submission by EITPlanet Staff

fact sheet
ID#: 1216147167
date posted: Jul. 16, 2008
category: Security:Identity
platform: See Description
vendor: Redspin, Inc
(redspin.com/)
vendor's information:
about Redspin Security Assessment Tools
about Redspin, Inc


Security

Anti-spam | Anti-virus | Biometrics | Encryption | Filtering/Monitoring | Firewalls | Identity | Intrusion Detection/Prevention | Personal Utilities | Privacy | Security Administration Tools | Tools

Latest category updates via our RSS feed
RSS


Partners
Partner With Us













More IT Management
CIO Update
Datamation
eCRMGuide
DRM Watch
eSecurity Planet
ITSMWatch
Intranet Journal
Inside ID
Grid Computing Planet
bITa Planet
IT Career Planet
Project Manager Planet
Semantic Web