Monday, January 26, 2009

Building a vulnerability scanning laptop with XP

I'm building a new laptop that will be used to conduct vulnerability analysis scanning. Due to the constraints, this will be an XP laptop. I have a laptop in use that uses linux, so this laptop is meeting a different set of needs. I've been compiling a list of applications to load on the laptop, and this is what I've come up with so far:
  • A network vulnerability scanner - TBD - I'm looking at SAINT, Nessus, and Retina
  • Microsoft Network Monitor - I've never used this, but I could see scenarios where it would be useful.
  • Wireshark - a great open source packet capture and analysis tool
  • Oval - for host base vulnerability checking
  • I'll have a couple of SRR scripts on the laptop (unix, SQL Server, and Oracle)
  • NMAP - for scanning
  • Netcat - because it is the Swiss Army Knife of network tools
  • NetStumbler - for war-walking
  • TruCrypt - for data at rest protection
Yes, you will have noticed that the majority of the applications are open source. The scaner will probably be a commercial application as I need something to do the heavy lifting.

If you can think of something I'm missing or something that might be useful, let me know.

No comments:

Post a Comment