Advantages And Disadvantages Of Kismet

Published Date: 02 Nov 2017

Introduction

Now a day’s most crucial work is done on the computers for example net banking, online transaction etc, so we need various type of security tools to protect our details and important data. There are so many operating systems and network security tools. There are different security tools for different operating systems. So here is the report on some of the important security tools of WINDOWS operating system. In this report we describe four security tools KISMET, NBTSCAN, Nessus and NMAP. Kismet is use to detect the wireless network. NBTSCAN is used to scan IP networks. Nessus provide user free remote security scanner. NMAP is used to find the services on the computer.

Kismet is the one of the best network security tool. It works for any wireless card and it is network detector, intrusion detection system and packet sniffer for WLANs. This networking tool can run on MAC, Windows and Linux. Kismet detects network by collecting packets and indentifies standard network, identifying the hidden network. It works passively.

Following are the features of KISMET:-

It can sniffs the standard of wireless technology 802.11a, 802.11g and 802.11b etc.

It can detect the various range of network IP.

It can detect default or not configured network.

It allows channel hopping to find as many network as possible which means that it is change from one channel to other in short interval of time.

It can get data from GPS receiver to allow geographical using.

Advantages and Disadvantages of Kismet:-

It takes long time to search networks.

It can only identify the wireless network (Wi-Fi) in a small area, if the range is more it cannot work properly.

It results is very good for small area.

NBTSCAN

NBT Scan is a command line security tool. It scans IP network for NetBIOS name information. It sends the NetBIOS enquiry to all the computers (host) within the specific range and received the information from all the host in human readable form. It gets following things from the host computer:-

IP Address

NETBIOS Computer Name

Logged in username and

MAC Address.

Its function is based on the Window tool NBTSTAT, but it can operate verities of address instead of just one.

Following are some of the Command Parameter for NBTScan:-

-v It is used to show the version.

-f It is used to show full NBT record for the machine scanned.

-m It is used to include the MAC address of the machine in the result.

-p It allows the specific UDP port to send enquiry.

Following are the features of the NBTSCAN:-

It is based on commands.

It gives very important data which include the username on the device.

It is more sophisticated tool than NETBOIS scanner.

Advantages and Disadvantages of NBTSCAN:-

It does not work properly when firewall is on.

It helps in recovering of data at the time of system crash.

Some security tools identify nbtscan as malware.

Nessus

Nessus is a computer security tool developed in 1998 by Renaud Deraison. It provide Internet user free remote security scanner. This software is free for personal use but for commercial use company charges $100 per month. According to the survey of Sectools.org, Nessus is the world most famous vulnerability scanner. It stood first in 2000. 2003 and 2006 security tool survey. It was estimated that it is use by more than 75,000 MNC in the world.

It is different type of tool as compared to security tool like NMAP. For user interface it uses web interface and it gives permission to the Nessus Administration to create more than one user or multiple user at a time. It is a intelligent software which has the capability to create policies which includes the scanner specifications. It decides itself what type of security is used and which type of port to scan. By using user interface we can see the scan result.

The most powerful feature of Nessus is plug-in. The choice of plug-ins is very crucial to the success of scan. The other critical part of the scanning process id the port scanning. It is a process for which active ports are scanned for IP Address are identified. Every port is fixed for specific application. Nessus is smart scanner and only runs a test if particular program is available for the test.

Nessus scan for following types of Vulnerability:-

Misconfiguration

Denial of service

Default Password

Preparation for PCI DSS audits

Following are the features of Nessus:-

Navigation:- By using the navigation tool it is easy to see risk level without running a report.

Analysis:- By using analysis tool it can analyze:- Low Risk, Medium Risk, High Risk, Critical Risk and Informational.

New Server GUI:- Plug-in updates can be activated from web server.

It can support IP version 6.

NMAP

NMAP is known as Network Mapper and it was developed in 1997. It was developed by Gordon Lyon and it is used to find the services and host on the computer network by creating the map of the network. To do mapping NMAP sends packet to the target host and then analyzes the response of the host. Nmap uses IP packet to find the various host on the network, what type of service they are using, what type of packet filter and operating system they are using. It can work on all types of operating system. The new version of NMAP is GUI.

Following are the features of NMAP:-

Portable: - It can use on any operating system that is on MAC, Windows etc.

Powerful:-It is very powerful tool because it can scan big networks as well.

Free: - This tool is free of cost because the main goal of this tool is to provide secure internet using.

Flexible: - It has very advance technique for mapping of the network filled with routers, firewalls and many more.

It helps to find the open port in the network.

Points about NMAP with screen shot

Screen shot shows the target bar in which we have to type the IP address of the machine to search about the active services in the machine.

Then there is a command bar in which we have to type the commands for example

-o for operating system detection.

-sV for version detection.

- h Nmap help.

-sS TCP scan.

-sU UDP port scans.

Profile bar shows the type of scan.

Service tab shows the active service in the machine.

Advantages and Disadvantages: -

It is very simple and easy to use.

This tool can be used for unauthorized access to the computer.

Only system administrator can run this tool.