Security UPDATE--Nmap Hackers Pick Top 100 Security Tools--July 5, 2006

Subscribe to Windows IT Pro:

To make sure that your copy of Security UPDATE isn't mistakenly blocked by antispam software, add [email protected] to your list of allowed senders and contacts.


This email newsletter comes to you free and is supported by the following advertisers, which offer products and services in which you might be interested. Please take a moment to visit these advertisers' Web sites and show your support for Security UPDATE.





1. In Focus: Nmap Hackers Pick Top 100 Security Tools

2. Security News and Features
- Recent Security Vulnerabilities
- Windows Genuine Advantage Now at a Disadvantage
- Microsoft Response to Exploit Riles Metasploit Developer
- SharePoint Antivirus Solutions

3. Security Toolkit
- Security Matters Blog
- Security Forum Featured Thread
- Share Your Security Tips

4. New and Improved
- Encryption for SOHO


==== Sponsor: Sherpa ====

How will compliance regulations affect your IT infrastructure? Help design your retention and retrieval, privacy and security policies to make sure that your organization is compliant.


==== 1. In Focus: Nmap Hackers Pick Top 100 Security Tools ====
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

You've most likely heard of Nmap, the network-mapping tool developed by "Fyodor." Nmap is widely used and is a standard tool in countless security administrators' toolkits. Fyodor operates a mailing list, nmap-hackers, for general announcements, patches, and light discussion regarding Nmap.

In 2000 and 2003, Fyodor surveyed the members of the mailing list to find out which security tools were their favorites. The 2000 survey resulted in a list of the top 50 most popular security tools. The 2003 survey resulted in an expanded list of the top 75 most popular security tools. Both lists have been great resources, especially since people could often discover new tools that they weren't previously aware of.

It's been three years since the last survey, and in that time lots of new security tools have come into existence, while other security tools have been updated (in some cases several times) with new features and functionality. This year, Fyodor conducted a new survey, and 3243 people responded. This latest survey resulted in an even longer list: the top 100 most popular security tools.

Although the list contains tools for several platforms, including Windows, Linux, BSD, Solaris, and Mac OS X, it's easy to figure out which tools work on which platforms because each tool description includes platform-specific icons. There are also icons that let you know whether a tool is free, whether it has a command-line interface or GUI, and whether source code is available.

Another feature of the list shows you whether the tool has risen or dropped in popularity compared with the 2003 survey results. Surprisingly, the top four tools on the current list remain unchanged in their popularity rank. Those top four tools are Nessus, Wireshark (formerly Ethereal), Snort, and Netcat. Metasploit Framework (released after the 2003 survey) is new to the list and is ranked the fifth most popular tool. Incidentally, you can read a semi-related news story, "Microsoft Response to Exploit Riles Metasploit Developer," on our Web site at the URL below.

An interesting trend revealed by 2006 survey results is that wireless security is far more important to security administrators than it was three years ago, evidenced by the fact that the wireless sniffer Kismet rose from the 17th most popular tool in 2003 to 7th most popular tool in 2006. Aircrack, originally released in mid-2004, now ranks as the 21st most popular security tool in the list. Aircrack helps crack Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) encryption, which, as you probably know, are typically used to help secure communication on WiFi networks.

Another interesting trend is that two great password-cracking tools, John the Ripper and Cain and Abel, broke into the top 10 as the 9th and 10th most popular tools respectively. John the Ripper was previously ranked #11 in 2003 and Cain and Abel was ranked #23, so the latter made quite a jump in popularity.

So that's a brief rundown of a few of the tools and trends from the list. You can of course glean even more information about security tool trends by reviewing the complete list, and you can learn about more tools that are new to the list, such as BackTrack, P0f, WebScarab, WebInspect, Core Impact, Canvas, and others. Check out the full survey results at


==== Sponsor: Thawte ====

Secure Your Online Data Transfer with SSL Increase your customers' confidence and your business by securely collecting sensitive information online. In this free white paper you'll learn about the various applications of SSL certificates and their appropriate deployment, along with details of how to test SSL on your web server.


==== 2. Security News and Features ====

Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

Windows Genuine Advantage Now at a Disadvantage
Microsoft's anti-piracy tool, Windows Genuine Advantage (WGA), was recently found to be regularly contacting Microsoft without informing the user that such contact was taking place. Microsoft recently modified the latest version of WGA to only contact the company's servers once every two weeks. Nevertheless, a third-party has stepped in to prevent WGA from regularly contacting Microsoft's servers.

Microsoft Response to Exploit Riles Metasploit Developer
A recently released exploit that takes advantage of problems in RRAS has drawn the relative ire of Microsoft and the obligatory rebuttal of a well-known security researcher.

SharePoint Antivirus Solutions
Interest in SharePoint is heating up. Online SharePoint discussion groups such as those at Windows IT Pro's sister site are flourishing, evidence that more and more IT pros are either working with Windows SharePoint Services or Microsoft Office Share-Point Portal Server 2003 or are investigating them. The downside of a collaboration technology like SharePoint is that it exposes an organization to security threats such as viruses. Fortunately, SharePoint-specific antivirus solutions are available and our buyer's guide can help you choose the best solution for you needs.


==== Resources and Events ====

Learn how to gather evidence of compliance across multiple systems and link the data to regulatory and framework control objectives. View this on-demand Web seminar today!

Take an up-to-date look at secure, remote access to corporate applications and stay ahead of the curve when making decisions about near- and long-term IT infrastructure. On-demand Web seminar.

Find out what policies help or hurt in protecting your company's assets and data. View this on-demand seminar today!

Gain control of your messaging data--and make your job easier--with these step-by-step instructions for complying with the law and ensuring your systems are working properly.

Are you protected company-wide against spyware, keyloggers, adware, and backdoor Trojans? Test the state of the art scanning engine that uses threat signatures from multiple sources to track down the culprits that antivirus solutions alone can’t protect you against. Download your free 30 day trial of CounterSpy Enterprise today!


==== Featured White Paper ====

Achieve compliance in today's complex regulatory environment while managing threats to the inward- and outward-bound communications vital to your business. Adopt a best-practices approach, such as the one outlined in the international information security standard ISO/IEC 17799:2005. Download the white paper today and secure the confidentiality, availability and integrity of your corporate information!


==== Hot Spot ====

Learn the commonalities across multiple compliance regulations and standards to optimize your environment and save time and money.


==== 3. Security Toolkit ====

Security Matters Blog: Voylent Encrypts Cell Phone Calls
by Mark Joseph Edwards,

The recently released Zfone beta encrypts voice-over-IP calls. Now you can encrypt cell phone calls too with the Voylent beta.

(by John Savill,

Q: Is there a tool I can use to delete user profiles?

Find the answer at

Security Forum Featured Thread

Security and Permission consideration
(One message in this thread)
A forum participant writes that he has a group of people (other than the Server Administrator) who are responsible for applications on various servers. Those people have been given the local administrator passwords for various servers so they can log on remotely to perform certain tasks. However, those people sometimes take actions on a server that go beyond their assigned tasks. Therefore he doesn't want those people to have full administrator privileges on the servers and wonders whether creating local accounts in the Power Users group would give them enough rights to perform their administrative tasks? Join the discussion at http/

Share Your Security Tips and Get $100
Share your security-related tips, comments, or problems and solutions in the Windows IT Security print newsletter's Reader to Reader column. Email your contributions (500 words or less) to [email protected] If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.


==== Announcements ====
(from Windows IT Pro and its partners)

Discounted Offer for the Windows IT Pro Master CD
Save 50% off the Windows IT Pro Master CD! Order now and get portable, high-speed access to the entire Windows IT Pro article database on CD--a searchable library that includes every issue ever published. The newest issue also includes BONUS Windows IT Tips. Order now and save 50%:

Save $80 off the Exchange & Outlook Administrator newsletter
Get endless solutions to help you migrate, optimize, administer, back up, recover, and secure your messaging environment. Subscribe to the Exchange & Outlook Administrator newsletter today and save $80:


==== 4. New and Improved ====
by Renee Munshi, [email protected]

Encryption for SOHO
WinMagic offers MySecureDoc, a line of full-disk encryption solutions priced for the small office/home office (SOHO) user. MySecureDoc Personal Edition ($29.95) works with Windows XP/2000 and protects all data on desktops and laptops by encrypting the entire hard drive before the logon screen appears so that intruders can't bypass the encryption level. MySecureDoc Media Edition ($19.95) protects all data on removable storage devices such as USB sticks. It encrypts the entire device, not just the files and folders in use, and asks for authentication before granting access to the device. MySecureDoc Personal Edition Plus ($49.95) combines Personal Edition and Media Edition. For more information, go to

Tell Us About a Hot Product and Get a Best Buy Gift Card!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Best Buy Gift Card if we write about the product in a Windows IT Pro What's Hot column. Send your product suggestion with information about how the product has helped you to [email protected]


==== Contact Us ====

About the newsletter -- [email protected]
About technical questions --
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring Security UPDATE -- [email protected]


This email newsletter is brought to you by Windows IT Security, the leading publication for IT professionals securing the Windows enterprise from external intruders and controlling access for internal users. Subscribe today.

Manage Your Account You are subscribed as %%$email%%

You received this email newsletter because you subscribed to it on the Windows IT Pro network. To unsubscribe, click the following link

View the Windows IT Pro privacy policy at

Windows IT Pro, a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538 Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.