10 Useful Cloud Security Tools: Part 2

10 Useful Cloud Security Tools: Part 2

10 Useful Cloud Security Tools: Part 2

Cloud services like Amazon Elastic Cloud and IBM SmartCloud are revolutionizing the way IT organizations deal with online infrastructure. There are many benefits to cloud computing, but there are also serious security concerns. Yesterday, I revealed 5 helpful tools for enhancing cloud security.

Here are 5 more tools to round out my top 10 list:

Metasploit

metasploit

Complied in the Ruby programming language and developed by H.D. Moore, Metasploit framework has made significant contributions to the pen testing tools community. It gives you the capability of adding your own modules. By default, Metasploit is embedded in popular pen testing distributions with a streamlined user interface.

It can pen test with just an IP address. Therefore, if you have your data on the cloud then all you need is your actual cloud IP address to test security. Just be sure that the IP you are using actually belong to your assets, because in many cases vendors will change IP addresses. If you are using cloud services from Amazon, then using Metasploit Pro will provide you with additional Amazon Machine Images. You can install the available Metasploit package on Amazon EC2 like other packages and run it normally. You cannot receive updates until you get it registered, though.

Nessus

Nessus is an open source, comprehensive vulnerability scanner developed by Tenable Network Security, and has the designation of being the most popular vulnerability assessment tool. In its most recent update in March, it added cloud management and multi support through the Nessus Perimeter Service.

infographic-host-cloud

This scanner is capable of controlling internal and external scanners through the cloud. According to Ron Gula, CEO of Tenable Network Security, the multi-scanning management capability will allow users to benefit from the robust capabilities of Nessus to manage internal and external scanners from a single point, which will save time and resources.

Nmap

Nmap stands for “Network Mapper”; this tool is the gold standard for network scanning. Originally written by Gordon Lyon (Fyodor Vaskovich), it is a must have in any pen testers arsenal. Use it to scan networks, even if congestion or latency has been occurring on these networks.

Nmap can be effectively used for scanning cloud networks. The only condition is that your cloud network is on an OS supported by Nmap. These include Unix, Linux, Solaris, Windows, Mac, OS X, BSD and some other environments. Also, you would want to scan your original IP instead of that hidden behind NAT or firewalls. Be sure to have permission from the IaaS provider before scanning the networks, because it is prohibited to scan without authenticity, for obvious reasons.

Kismet

Freely distributed as an open source program, Kismet uses 802.11 standard layer 2 tools which can be used for packet sniffing, network detection and also as an intrusion detection system. It supports any wireless card which is capable of raw monitoring.

Kismet is capable of scanning public, private or hybrid cloud servers. Its distinguishing feature is that it leaves no logs of scans done in victim machines. It accomplishes this by working passively and sending no traceable packets to the victim network. Due to stealth functionality, it is the most widely used wireless scanning tool to date. On a cloud server, Kismet can be used for preventing any active wireless sniffing programs like Netstumbler through its IDS capability. Kismet supports channel hopping that aids it in finding as many networks as possible through non sequential functioning.

Wireshark

Wireshark has been around for ages and has proven to be an excellent cloud monitoring tool. Although it can help network administrators in scanning enterprise networks, it cannot be used as a stand-alone tool in large environments like cloud servers. In cloud networks, Wireshark is used for scanning a single entity of the whole infrastructure. It can be aided by other tools, or multiple instances can run to serve the purpose.

Wireshark can apply to the cloud the same way it applies to any home network. It is used for troubleshooting network issues by digging through the weeds of the network. Wireshark can also be applied for analyzing packets between cloud service provider and the end user. But as Wireshark is basically a desktop based network monitoring tool, QA Café has developed “CloudShark” for making captured files accessible on cloud environments.

On Conclusion

Traditional network monitoring tools are now being used as cloud monitoring tools. This is due to the fact that the cloud is also a network with larger boundaries and more complications than standard networks. Today, organizations can buy an online service by instantiating any image service on the cloud. Cloud computing has emerged as a pay-as-you-go service, which organizations can use without having to go deeper into the details how cloud infrastructure works.

As cloud networks are providing more and more to IT services, its security has been a chief concern for most customers. For ensuring security and privacy of your data, there are tools and methodologies through which you can pen test your cloud provider. Using the aforementioned tools will enhance reliability in cloud service.

By Chetan Soni

Sorry, comments are closed for this post.

How Will The Internet of Things Affect The Business World?

How Will The Internet of Things Affect The Business World?

Internet of Things and the Business World? Experts predict that by 2020, the Internet of Things will have a market greater than $1 Trillion, yet despite it being the new buzzword, many people have no idea how this predicted revolution will shape the business world. We’ve all heard predictions of various appliances with sensors, wearable…

Securing A Mid-Sized Enterprise: When A Little Assistance Goes A Long Way

Securing A Mid-Sized Enterprise: When A Little Assistance Goes A Long Way

Securing A Mid-Sized Enterprise There is no longer any subjectivity in this statement: security is at the top of list for all CIOs. Every meeting I’ve attended over the last three months has been dominated by the topic of security and when it’s injected into the conversation, it’s not necessarily by my team, but the…

Is Your Corporate Data Appearing On Personal Clouds?

Is Your Corporate Data Appearing On Personal Clouds?

Corporate Data Appearing On Personal Clouds Enterprise cloud adoption has led to cloud consumerization, but how safe is any personal cloud? Remember when you’d join a company and they’d issue a desktop computer and corporate-issued cell phone? And remember all the company’s data was stored in a server on-site at the company? It’s fair to…

Carve Outs And The Cloud: A Synergistic Coupling

Carve Outs And The Cloud: A Synergistic Coupling

Carve Outs and the Cloud The mergers and acquisitions market is a complex and challenging industry and the last two years has seen a rise in the number of transactions. Working with companies in this space over the last 10 years, we at RKON have seen and hopefully helped change the mindset of private equity…

5 Companies That Took On The Small Business Cloud – And Lost

5 Companies That Took On The Small Business Cloud – And Lost

5 Companies That Took On The Small Business Cloud The growth of cloud based business support systems has been staggering, and while some major software houses have quickly positioned themselves as forerunners in the move to the Cloud, there are several high-flying companies that have so far failed to provide small businesses with the level…

Three Factors for Choosing Your Long-term Cloud Strategy

Three Factors for Choosing Your Long-term Cloud Strategy

Choosing Your Long-term Cloud Strategy A few weeks ago I visited the global headquarters of a large multi-national company to discuss cloud strategy with the CIO. I arrived 30 minutes early and took a tour of the area where the marketing team showcased their award winning brands. I was impressed by the digital marketing strategy…

Hoarders And Data Collectors:  On The Brink Of Unmanageability

Hoarders And Data Collectors: On The Brink Of Unmanageability

Hoarders and Data Collectors In our physical world, hoarders are deemed “out of control” when they collect too much.  Surely the same analogy applies in our online world.  When providers collect realms of data from us, it seems they lose control of that too?  In the last months it’s not just the frequency of data…

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Advertising