搜索  

• 页面
• 讨论
• 源码
• 历史
• 简体
• 繁體
• 简体中文
• 繁体中文

• 导航
  • 首页
  • 社区
  • 当前事件
  • 最近更改
  • 随机页面
  • 帮助
  • 资助
• 工具箱
  • 链入页面
  • 链出更改
  • 上传文件
  • 特殊页面
• 个人工具
  • 登录／创建账户

InstallingSecurityTools

出自Ubuntu中文

Ubuntu的源里面包含了不少很实用的网络管理和网络安全软件，本文将对这些软件中最流行和实用的几个进行简述，并简要介绍一下它们的安装.

• Ethereal－这是一个使用极为普遍的网络流量分析工析,它可以从网络上实时抓取数据包进行分析，也可以对以往保存下来的抓包记录文件进行分析.它提供便利的图形界面操作.提示：安装完该软件后会自动加入到系统菜单中，但启动它必須拥有root权限。所以要运行它可以通过执行：sudo ethereal 也可以编辑菜单通过gksudo来启动它.安装如下：

ethereal ethereal-common

• Nessus - a powerful remote network security auditor, with a nice GUI. Nessus supports plugins and offers a usually current attack database. It also features useful scripting abilities, allowing you to automate many tasks. Install the following:

nessus

• nmap - the standard network mapper. Has a thousand and one uses. Install the following:

nmap

• Etherape - an etherman clone. It displays network activity with an intuitive UI. Install the following:

etherape

• Kismet - a wireless sniffing tool. Includes support for GPS map scanning with in use of the gpsdrive package. Install the following:

kismet

• chkrootkit - chkrootkit can be used to help determine if a machine has been compromised. While not what you should use for the 'final word' on if you have been compromised, it runs a lot of useful checks and can direct suspicions towards finding a solution. Install the following:

chkrootkit

• GnuPG - an opensource PGP replacement. Lacks support for IDEA, but is incredibly useful. Included by default. GnuPG will allow you to encrypt emails, digitally sign, and integrates well into the Evolution mail client as well as Thunderbird.
• Seahorse - a light-weight Gnome frontend for GPG, makes managing keys much easier. Install the following:

seahorse

• Nemesis - a commandline based packet injection utility. Requires a bit of reading the documentation to get full use from.

nemesis

• tcpdump - while its name suggests that it works for only TCP, tcpdump also supports UDP, BGP, NFS, and a lot of other packet types. It is a powerful network utility that should be in every admins toolbox, allowing you to pull in everything off the wire. In combination with ethereal it doesn't miss much.

tcpdump

• OpenSSH - OpenSSH almost singlehandly stopped admins from using telnet, an insecure protocol. The OpenSSH client is installed by default. Generally you want to use SSH instead of telnet or rsh. In some situations, such as large number of clients, you might want to pursue other options, such as telnet with ssl. To install the ssh server:

openssh-server