CSCD303 Essential Computer Security
Tool Evaluation Assignment

60 Points

Due Date: March 10th, 2014


The purpose of this assignment is to give you an opportunity to become familiar with some of the free tools available for security. The list of tools can be used for both attack and defend situations. I would suggest that you try out some of each. You can evaluate one tool that you already use. But, I would like you to select something other than "Symantec Virus Scanner" or some varient.

Investigating Tools

Try out at least three tools. Can be some of any we have discussed in class, or from your own knowledge or research. Download them to your computer or device that you are allowed to install programs on. You are allowed to use a tool that is already installed on your computer, but please try at least two new tools.
The tools can be for defense such as
Vulnerability scanners,
Anti-malware programs or Can be more for offense,such as
Port mapper programs,
Network traffic sniffing or
Other information gathering programs.

Some of the ones that look at vulnerabilities of websites are pretty interesting.
Nicto, Paros or other Proxy Web Application checker would be an interesting choice.

Tools can be found from the list at Insecure.org
Top 100 Tools from Insecure.org

Another list of tools can be found here
Cyberwarzone List
Or, you can find tools of your own.

Tool Evaluation and Deliverables

Complete the following steps to evaluate the tools:

  1. Download and install them.
  2. Run them. Try out as many features as possible.
  3. Perform an assessment of the tool's effectiveness.
    Answer the questions:
    1. How easy is it to use?
    2. How effective is it?
    3. If its anti-malware tool. You could try it against the fake virus file we talked about in class.
    4. Rate is in terms of people's knowledge needed to use it. Expert, Experienced or Novice.
    Rate how likely is it that someone could use this with that assumed level of experience.
  4. Write up the results in a report. Should be 2-3 pages