|
|
|
Tools
The OneConsult® Toolbox
As well as generally available commercial and open source tools,
our analysts and consultants often use tools that we have developed,
modified or programmed ourselves. These make up the OneConsult®
Toolbox, which includes custom tools such as the following:
- Technical focus:
- Port and security scanners
- Exploits
- Test trojans to identify vulnerabilities to attacks based
on protocol tunneling:
- OneConsult® Pandora PRO (supports the http,
https (http over ssl) and dns protocols)
- or OneConsult®
Pandora LT (supports http: via Ports
80 and 443)
- Password crackers
- Sniffers
- Rootkits
- Configuration and system
hardening scripts
- etc.
- Organizational/conceptual focus:
- Workshop methodologies(e.g. for BCP/DRP
or IT
threat and risk analysis)
- Documentation templates
- Analysis tools (e.g. for SWOT, cost/benefit or use-value
analyses)
- Templates for questionnaires and evaluation forms
- Templates for security concepts and security policies
- etc.
One of the tools in our toolbox is OneConsult® Pandora.
A freeware version of this (OneConsult®
Pandora LT), with limited functionality, can be downloaded
in our download area. OneConsult®
Pandora tests the sensitivity of the infrastructure to
protocol tunneling-based attacks (also known as covert channel
or inside out attacks).
Functionality schema of the protocol tunneling test tool OneConsult®
Pandora PRO:
The OneConsult® Toolbox, or parts of it, can also be
licensed.
Open Source Software
We use a wide variety of open source and/or commercial tools in
our projects. If the client agrees and the tools concerned are appropriate
to the context, we use open source software. This decision is based
on the following criteria:
- These programs, which can be used without paying a license fee,
are often just as good as their commercial equivalents.
- In the IT risk management environment, the most powerful tools
(which are also used by hackers) only run under the open source
Linux or Unix operating systems, and many applications are themselves
open source.
- Open source software is safer in that, unlike with commercial
software, the source code is freely available and anyone can assess
its functionality. This means that each program's functions are
transparent. This is particularly important for IT risk management
projects and offers protection against unwanted side-effects such
as trojans and other digital pests (viruses, worms, etc.).
- Open source software can be used free of charge, which means
we do not have to include tool charges in the project costs.
We have compiled a short list of security tools in our download
area.
If you're interested in OneConsult and you'd like a no-obligation
consultation or more information, please contact
us.
Further Information
|
 |
