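8.2. Network scanner tools
Debian does provide some tools for remote scanning of hosts (but not for risk assessment). In some cases these tools are used as risk assessment scanners, rather than as attack tools that scan to discover the services available remotely. Debian currently provides: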
nmap
xprobe
p0f
knocker
isic
hping2
icmpush
nbtscan (for SMB/NetBIOS audits)
fragrouter
strobe (in the netdiag package)
irpas
While xprobe provides only remote operating system detection (using TCP/IP fingerprinting), nmap and knocker do both operating system detection and port scanning of the remote hosts. On the other hand, hping2 and icmpush can be used for remote ICMP attack techniques.
Designed specifically for SMB networks, nbtscan can be used to scan IP networks and retrieve name information from SMB-enabled servers, including: usernames, network names, MAC addresses…
On the other hand, fragrouter can be used to test network intrusion detection systems and to check whether an attacker could bypass the NIDS.
FIXME: Check http://bugs.debian.org/153117 (ITP fragrouter) to see if it’s included.
FIXME add information based on http://www.giac.org/practical/gcux/Stephanie_Thomas_GCUX.pdf which describes how to use Debian and a laptop to scan for wireless (803.1) networks (link not there any more).