Application Security
1/17/2014
10:18 AM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

10 Free Or Low-Cost Network Discovery And Mapping Tools

Understand your network so you can defend it better
Previous
1 of 11
Next


One of the most useful adages for security professionals is "know thyself"--and when it comes to network security, the most fundamental task of knowing oneself is network discovery and mapping. Without up-to-date network diagrams and inventory lists, it is hard to even understand what you're protecting. The following tools can aid the process at little to no cost beyond man-hours.

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Previous
1 of 11
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Wellington1993
50%
50%
Wellington1993,
User Rank: Apprentice
7/14/2015 | 11:37:03 PM
Thank!
Very useful.
KrakowKaz
50%
50%
KrakowKaz,
User Rank: Apprentice
2/3/2015 | 7:02:00 AM
NetCrunch 8
NetCrunch 8 from AdRem Software has some advanced mapping features built into it's all-in-one monitoring/management suite. The node-based licensing model is very cost-effective, and scales well.

 
Elison2012
100%
0%
Elison2012,
User Rank: Apprentice
9/5/2014 | 2:57:20 AM
another program
I know one more software for the network mapping

it's 10-strike network diagram 10-strike.com/network-diagram/

some think that it's not so low-cost, but in my network it really works and helps a lot
anon4622024882
50%
50%
anon4622024882,
User Rank: Apprentice
6/5/2014 | 12:31:11 PM
Lucid Chart
Another tool you should check out is Lucid Chart's diagramming software.  https://www.lucidchart.com/pages/examples/network_diagram_software
JamesC407
50%
50%
JamesC407,
User Rank: Apprentice
5/22/2014 | 3:10:48 PM
OpenAudit not Free
No matter waht version you download it forces you back to register for a "trial" key.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
DevOps’ Impact on Application Security
DevOps’ Impact on Application Security
Managing the interdependency between software and infrastructure is a thorny challenge. Often, it’s a “developers are from Mars, systems engineers are from Venus” situation.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2329
Published: 2015-08-31
Multiple cross-site scripting (XSS) vulnerabilities in Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allow remote authenticated users to inject arbitrary web script or HTML via the (1) agent string for a check_mk agent, a (2) crafted request to a monitored host, which is not properly handled by ...

CVE-2014-2330
Published: 2015-08-31
Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload arbitrary snapshots, (2) delete arbitrary files, or possibly have other unspecified impact via unknown ...

CVE-2014-2331
Published: 2015-08-31
Check_MK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330.

CVE-2014-2332
Published: 2015-08-31
Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link, related to "Insecure Direct Object References." NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330.

CVE-2014-2570
Published: 2015-08-31
Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP Font Lib before 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter.

Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.