NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com.

Slides:

Advertisements

Similar presentations

Enabling Secure Internet Access with ISA Server

Advertisements

CST Computer Networks NAT CST 415 4/10/2017 CST Computer Networks.

 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning.

KX-NS1000 Initial Set Up For step by step : 16 May,

Chapter 2 Gathering Target Information: Reconnaissance, Footprinting, and Social Engineering.

Essential NetTools Pranay Kumar. Essential NetTools  This tool is a set of network tools useful in diagnosing networks and monitoring your computer's.

QoS Solutions Confidential 2010 NetQuality Analyzer and QPerf.

TA : Eng.Hala O. Abu Radi.. Nslookup Command SYNOPSIS nslookup [-option... ] [host-to-find | -[server ] ] DESCRIPTION Nslookup is a program to query Internet.

Week 2 -1 Week 2: Footprinting What is Footprinting? –Systematic collection of information on an intended target with the goal to create a complete profile.

Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.

Network Analyzer Example

Reconnaissance Steps. EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 5 Introduction to DNS in Windows Server 2008.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

Business Information Systems DSC340 Fall 2012 Mike Pangburn Domain Names & the DNS.

TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.

Click to edit Master subtitle style Chapter 17: Troubleshooting Tools Instructor:

Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.

Linux Networking Commands

Networking Basics: DNS IP addresses are usually paired with more human-friendly names: Domain Name System (DNS). internet.rutgers.edu HostnameOrganizationTop-level.

Chapter Eleven An Introduction to TCP/IP. Objectives To compare TCP/IP’s layered structure to OSI To review the structure of an IP address To look at.

1 Lab 3 Transport Layer T.A. Youngjoo Han. 2 Transport Layer  Providing logical communication b/w application processes running on different hosts 

Forensic and Investigative Accounting

Ana Chanaba Robert Huylo

Hands-on Networking Fundamentals

Network Protocols. Why Protocols?  Rules and procedures to govern communication Some for transferring data Some for transferring data Some for route.

Chapter 10 Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Explain how the functions of the application layer,

Network Tools TCP/IP interface configuration query - MAC (HW) address and IP address – Linux - /sbin/ifconfig – MS Windows – ipconfig/all 1.

Chapter 10 Networking and the Internet ITSC 1458.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Services Working at a Small-to-Medium Business or ISP – Chapter 7.

Packets and Protocols Recognizing Attacks with the protocol analyzer.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Network Services Networking for Home and Small Businesses – Chapter.

Chabot College ELEC Ports (Layer 4).

Web Page Design I Basic Computer Terms “How the Internet & the World Wide Web (www) Works”

Attack Lifecycle Many attacks against information systems follow a standard lifecycle: –Stage 1: Info. gathering (reconnaissance) –Stage 2: Penetration.

Forensic and Investigative Accounting Chapter 14 Internet Forensics Analysis: Profiling the Cybercriminal © 2005, CCH INCORPORATED 4025 W. Peterson Ave.

Forensic and Investigative Accounting Chapter 14 Digital Forensics Analysis © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL

CIS 450 – Network Security Chapter 3 – Information Gathering.

TEAM Basic TotalElectrostatic ManagementAwareness&

1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.

Day 14 Introduction to Networking. Unix Networking Unix is very frequently used as a server. –Server is a machine which “serves” some function Web Server.

Hour 7 The Application Layer 1. What Is the Application Layer? The Application layer is the top layer in TCP/IP's protocol suite Some of the components.

Monitoring Your Network A College Approach Chris Bamber, IT Systems Manager Somerville College Confidentiality: The contents of this presentation and workshop.

Network Assessment How intrusion techniques contribute to system/network security Network and system monitoring System mapping Ports, OS, applications.

Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA © 2002 Carnegie.

Assessing a Target System Source: Chapter 3 Computer Security Fundamentals Chuck Easttom Prentice Hall, 2006.

Chapter 12 End-to-End Networking. FIGURE 12.0.F01: UDP packet fields.

Monitoring Troubleshooting TCP/IP Chapter 3. Objectives for this Chapter Troubleshoot TCP/IP addressing Diagnose and resolve issues related to incorrect.

Advanced Packet Analysis and Troubleshooting Using Wireshark 23AF

PRACTICAL INTRODUCTION TO INTERNET TECHNOLOGY. Practical one PACKET DELAY AND LOSS IN INTERNET In this experiment, you will observe real delays and loss.

Footprinting and Scanning

4343 X2 – Outline The Domain Name System The Web.

Network Reconnaissance CS490 - Security in Computing Copyright © 2005 by Scott Orr and the Trustees of Indiana University.

CPMT 1449 Computer Networking Technology – Lesson 3

COMP2322 Lab 3 DNS Steven Lee Feb. 19, Content Understand the Domain Name System (DNS). Analyze the DNS protocol with Wireshark. 2.

Monitoring, analyzing and cleaning DNS configuration errors across European NRENs Slavko Gajin University of Belgrade, Serbia

Chapter 7: Using Network Clients The Complete Guide To Linux System Administration.

WHAT IS FOOTPRINTING?. FOOTPRINTING  Active  Passive - Passive footprinting is a method in which the attacker never makes any contact with the target.

Ping and Traceroute by Aleisa A. Drivere Supervisor Graciela Perera.

Lab 2: Packet Capture & Traffic Analysis with Wireshark

Footprinting and Scanning

CITA 352 Chapter 5 Port Scanning.

Network Commands 2 Linux Ubuntu A.S.

Working at a Small-to-Medium Business or ISP – Chapter 7

Footprinting and Scanning

Working at a Small-to-Medium Business or ISP – Chapter 7

FootPrinting CS391.

Working at a Small-to-Medium Business or ISP – Chapter 7

Presentation transcript:

NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com

NetScanTools ® LE is a collection of tools used to gather information about IP addresses, domain names, hostnames, and addresses remotely through the internet. netscantools.com

NetScanTools ® LE NetScanTools ® History  NetScanTools Standard introduced 1995, discontinued 2004  NetScanTools Pro  NetScanTools Basic (freeware, similar to Standard version)  NetScanTools LE

Customer Wishes Law Enforcement customers were looking for a version of NetScanTools tailored to their needs. NetScanTools Pro has too many tools with too many options that they never use. Needed to be more friendly to a less technical audience.

Customer Requirements Law Enforcement customers provided a list of needed network tools. Manual Tools  Whois, Ping, Traceroute, DNS Tools, Ping Sweep, Port Scanner, Validate, IP to Country, Real Time Blacklist check, Text-only Web Page Grabber and Finger.

Manual Tools - Whois Whois automatically selects the whois server to use Accepts IPv4 addresses and domain names Shows DNS and other information

Manual Tools - Multidomain Whois Uses a base domain name and allows you to query multiple TLD registars for that domain Each result is saved in the case database

Manual Tools - Traceroute Traces the route packets take between your computer and the target using standard ICMP echo packets

Manual Tools – Ping Sweep Pings every IPv4 address within a range you specify Shows active systems that respond to ICMP pings

Manual Tools – DNS Tools Core Look up IPv4 addresses, hostnames and domain names Get Basic DNS Records, NSLOOKUP, Dig+trace, Zone Transfer

Manual Tools – Real Time Blacklist Check Look up IPv4 addresses or mail server names on blacklists Example shows a real spam source

Manual Tools – Port Scanner TCP full connect or UDP port scans Linear range of ports or list of common ports

Manual Tools – IP to Country Accepts single IPv4 address or a list of addresses Local database lookup, no internet query required

Manual Tools – Text Only Web Page Grabber Safely captures a web page Shows all data received from the web server including hidden headers

Customer Requirements Automated Mode  Input an IP address, hostname, domain name, or address and get results  Select only tests you need

Customer Requirements Case Oriented  All tool queries automatically saved to a case database  Case database is mandatory

Customer Requirements Packet Capture records each tool's network conversations  Runs independently  Includes quick view of captured packets  Packet Capture files are fully Wireshark compatible  Companion MD5 file is automatically saved when capture file is saved

Packet Capture Packet Capture runs separately while you do your work Save the capture for later inspection or validation of your work

Data Validation MD5 hash signature companion text files are saved when results are saved to a text file. Packet Capture files have the same MD5's. Internal database results are monitored using hash signatures MD5 signatures of external files can be validated by other programs

Customer Requirements Reports  Clear and simple without extraneous information  Viewed in web browser. This allows printing, saving and ing from the browser.

Reports from Manual Tools Report selection window  By target  By range of tests  Display single or multiple tests  MD5 checksum status of tests

Manual Tools Test Reports – DNS Core Example Reports are straightforward and show the results without distracting 'eye candy' Note all tests are timestamped

Reports from Automated Mode Report selection window  MD5 checksum status of each test is shown

Automated Mode Reports – An Example Automated reports are like manual reports with appended results Note all tests are timestamped

Help when you need it Detailed Help File available by pressing F1 Backed by a company with 15 years experience Register for support

Strengths and Advantages NetScanTools LE draws upon previous design experience making it a robust program Low cost for Law Enforcement We support our products. Shareware or open source programs are often not supported.

Pricing and Availability NetScanTools LE is $69 for Law Enforcement $129 for all others Available as 'unlocked' download Available on CDROM

NetScanTools ® LE Contact Info (360) am-4pm Pacific Time Request a trial at our website