Tools for Your Security Toolkit

Keeping a set of security tools available is helpful in case you need to audit your system security or recover from failures or lost information. Four tools are freely available that help you audit Oracle database servers, analyze packets, recover unknown passwords on Windows 2000 and Windows NT, and test password strength on Macintosh OS X systems.

UK-based PenTest offers scanner.sql, an Oracle database scanner that checks the database system's security. The script performs several tests, including tests against known and easy-to-guess passwords, and determines which users have database administrator privileges. The tool can also determine which users have the "ANY" privilege (which lets a user select any table in the database), which users can grant privileges, which accounts can run jobs from the OS level (external to the database service), and which users have system privileges (such as ALTER SYSTEM, CREATE LIBRARY, and CREATE SESSION). The tool also checks the UTF_FILE for parameters that present loose security, checks database links with clear-text passwords, and more. You can learn more about the scanner.sql script at the PenTest Web site.

NGSSoftware now offers a free packet-capture and analysis tool called NGSSniff. The tool runs on Windows XP and Win2K using the raw socket capabilities of the OS or the Microsoft Network Monitor drivers. NGSSniff can also import captured packets from files saved using Network Monitor so you don't need to install additional drivers. The GUI-based tool offers packet sorting and ASCII text viewing of packet data and can view packets in realtime without having to first stop a capture operation. NGSSniff is available as a free download from the NGSSoftware Web site.

Have you ever lost or forgotten a user password? Several tools are available that can help you in those situations, including Peter Nordahl's Offline NT Password & Registry Editor tool. Nordahl's tool is available in the form of a floppy boot disk image, which contains a single-floppy version of the Linux OS along with software that resets any valid user's password. The tool works on systems that have Syskey enabled—a nice touch—and you can also use the tool to disable Syskey. If you prefer to use a CD-ROM-based boot image, DMZ Services offers one that contains a mini-Linux boot image and Nordahl's password recovery software. DMZ Services offers a shell script that can create the bootable International Organization for Standardization (ISO)-based image and offers an ISO-based file (.iso) that you can burn directly onto a CD-RW using standard CD-RW burning software.

Do you have an Apple Mac running Mac OS 9.x or the new Mac OS X? If so, you might be pleased to know that a person using the nickname Grungie has released Macintosh Hacker's Workshop, which is a set of tools that lets you test the strength of user passwords. In addition, the software can extract the General Electric Comprehensive OS (gecos) field information from UNIX-based password files, generate word lists to help guess passwords, and comes with a word-list cleaner that helps remove words considered invalid as potential passwords from lists. Macintosh Hacker's Workshop is available at Grungie's Web site.