Certification Magazine - October 2007 - (Page 34)

TECHNIQUES Building Your Skills Through Security Tools WAYNE ANDERSON In today’s IT industry, any enterprise that employs people, handles data or sells a product is forced to protect itself against unwanted threats. As a result, technology professionals with security backgrounds are always in demand. As the need for security-knowledgeable professionals has swiftly expanded in recent years, so has the demand for attendant certifications to verify a candidate’s knowledge in the area. Many modern credentials examine a candidate’s knowledge of specific tools or the output these tools deliver to ensure each candidate has the ability to detect, recognize and respond to a security incident. Regardless of whether your specific administration security function is on the Microsoft Windows platform, Linux, UNIX or a specific vendor’s version of each, there are many tools in the security space that can help all administrators secure the enterprise, as well as certify their skills. Building your skills with some of these tools can ensure that when it comes time to seek a professional with the necessary security skill, you can place yourself at the forefront of that skill search. As an aside, please note that the tools being examined in brief here can be used to initiate or simulate an attack on a system to assess its security. As a responsible administrator, it is important you understand the security policy governing your environment and that you examine the impact of running such a scan before performing any kind of security assessment on your corporate network. Some companies carry prohibitive policies toward these types of tools that might require case-by-case management approval. SensePost Footprint Tools SensePost (which Secure Data purchased in July) began in 2000 as a consulting firm that specialized in security assessments. Since then, many of the individual tools from the firm’s security research have been released to the public either on an evaluation or a subscription basis. One of the primary tools released to administrators is “BiDiBLAH,” which forms a platform from which a security administrator can execute myriad functions to perform various types of information attacks. These include: • Platform and application fingerprinting (using certain types of requests to determine what software is running based on the format of the response). • Vulnerability scanning (using known types of attacks to determine whether the target system is immune). • DNS and IP scanning (taking known information such as a domain name to get more information about the internal workings of the network from a domain name or Internet services provider). As a tool, BiDiBLAH was really developed to assist SensePost’s security practice by automating some of the standard methods SensePost security consultants would use to examine a technology infrastructure. Once SensePost had identified a common methodology of testing infrastructures, a software product could take that architecture of testing and build an automated process around it, immediately saving SensePost consultants time in the field. 34 CERTIFICATION MAGAZINE October 2007

Table of Contents Feed for the Digital Edition of Certification Magazine - October 2007

Editor's Letter Contents Data Stream Tech Careers Dear Techie Academic Connection Virtual Village Rebooting Your Career Development Inside Certification Forensics Investigators: Cybercrime Fighters Interface Building Your Skills Through Security Tools Ad Index Endtag

Certification Magazine - October 2007

For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.