Thursday, 17 April 2014

Top 10 at Infosec 2014: Exhibitors

Infosec Europe has arrived once again at Earl’s Court London. Armed with your Passport to Prizes and a map of the show, all the while keeping a keen eye on the #infosec14 Twitter feed, you may find yourself slightly lost in the sea of security vendors and marketing shows. So here's a guide of 10 exhibitors based less on the size of the marketing budget and more on the calibre of their solutions, to get you started and help you navigate your way through three days of infosec debauchery:

1. Titania
Stand G25

Titania are developers of security and compliance auditing software for a huge range of devices; as one of our customers described us as "where the Cisco manuals live". This year we are proud to announce the latest features of our network auditing tool Nipper Studio 2.3 with compliance auditing for PCI DSS and updated vulnerability analysis, in line with the latest NIST NVD requirements. We will be delivering presentations on compliance auditing and configuration analysis and unveiling our brand new product. Drop by to see how we are promoting Stress Free Cyber Security and grab a surprise goody bag and some chocolate to keep you going throughout the show. 

2. IT Governance
Stand F103
Tweets @ITGovernance

IT Governance is a provider of books, tools training and consultancy in matters of risk management, compliance and information security. This year, at Infosec they are are offering a free Compliance Surgery with a 15 minute expert to help sift through ISO 27001PCI DSS compliance, ITIL / ISO20000 IT service management compliance, NHS N3 / IG toolkit submissions and European directives among others. For any busy infosec professional this sounds like a quick and efficient way to catch up with current affairs and updates in the world of security and compliance. 

3. Malvern Cyber Security Cluster
Stand C85
Tweets @MalvernCyber

Malvern Cyber Security Cluster is a partnership that promotes cyber security SMEs centered around Malvern in Worcestershire, a town that is being recognised by Government and industry as a national hub for cyber security. At their stand you won’t find one, but a dozen of small cyber focused companies which bring fresh ideas to the table, along with affordable price tags. Among the companies exhibiting at the Malvern Cyber stand there will be Advent IMDataSureBorwellEncription LimitedAscentor and many others. Titania will be present too, across the three days of the show. 

4. SecurEnvoy
Stand H10
Tweets @securenvoy

SecurEnvoy is an innovative company and global leader of tokenless two-factor authentication. At the height of heated debates over the efficiency of password authentication, they promise a keynote speech analysing 2FA solutions available on the market and a discussion on security aspects relating to seed records, the algorithms used to create passcodes for user identification. 

5. Tripwire
Stand G108
Tweets @TripwireInc

Tripwire comes to Infosec Europe with a pretty innovative approach and promises to zombify you. Well, at least on paper, but that’s not all they're offering. The session One Big Threat to Cyber Security: IT Geeks Can’t Talk to Management resonates the concerns of every information security specialist when considering effective communication with the C-suite.

6. Thales
Stand F30

Thales, a leading provider of cyber security and data encryption, announces the launch of the Encryption in the Cloud study which will look at budgets, corporate ownership, the role of encryption in cloud computing, as well as the Global Encryption Trends survey, now running in its ninth year and conducted in 8 different countries.

Stand L92

Digital Shadows is a one of the new exhibitors and a cyber intelligence company which monitors and secures digital footprints for cloud environments, mobile devices and social media platforms. They will showcase their new SearchLight Client Portal. 

Stand M85
Tweets @seculert

Seculert, the guys who discovered Shamoon (the virus which brought down 30 000 Saudi Aramco computers, back in 2012) are exhibiting for the first time at Infosec and offer registration for on-demand demos in detecting the undetected, searching for malware beyond your premises and checking suspicious executables. 

9. FireMon
Stand J70
Tweets @FireMon

FireMon is an enterprise security management provider which promises a week full of demos, a pub reception and a presentation on the beauty of automation in cyber security, by explaining how it brings a greater agility to the job without posing a threat to job security, nor the danger of oversimplifying complex problems. 

10. Watchful
Stand E42
Tweets @watchfulsw

Watchful is showcasing RightsWatch data-centric security suite with a nimble ability to classify information dynamically using Office 365, without user involvement and then leveraging Azure RMS to protect that information. Their approach to securing data in today’s hyper-connected landscape is securing the information that matters most. They’re also giving away an iPad a day.

Monday, 14 April 2014

Four Years of InfoSec

Infosec Europe is turning 19 this year, but for Titania this is only the 4th year. Here is the story of how we grew up alongside one of the most recognised shows in the information security industry. 

First Year - 2011

In our first year it was all about getting our tool – Nipper Studio – launched (an enhancement of the original tool Nipper) and into the hands of the people who needed it: pentesters. Titania came with an army of three and within a 2 x 2 stand space we demo'ed for three days.

Nipper Studio Launch

We launched Nipper Studio and we came bearing gifts…

Second Year - 2012

In our second year of Infosec we had tripled in staff numbers and doubled our product portfolio. This time 6 of our best people were there and ready to show off two products. We were also looking to find people interested in trying the ‘release candidate’ version of newest Paws Studio compliance software. 

Stress Free Cyber Security

We made an important addition to our product family – Paws Studio. The Titania team also grew bigger and we decided to help take the stress out of cyber security by giving away some stress balls and chocolate.

Alen Damadzic the author of Paws Studio, our compliance and auditing tool,  demonstrating the use of stress balls at our stand. 

Berislav Kucan @bkucan here with the Titania Team, having a chat about his work at HelpNet Security. Later that year he completed an independent review of our Nipper Studio software. 

The stars of our expo – Nipper Studio & Paws Studio

Third Year – 2013

Last year we had 7 people, and just as well, because we barely had a moment to catch a breath. In between spinning the wheel of fortune, talking to people, showcasing the products and catching up with old friends from the industry, we had our hands full. 

At the last show we also had some very popular umbrellas. In the spirit of the Great British Cyber Security theme, what can be more appropriate than an umbrella in London? 

Great British Cyber Security

Our prize wheel gave visitors a chance to win free audits, an assortment of Union Jack themed prizes, such as mugs, piggy banks, umbrellas and t-shirts. We also had Nipper Studio and Paws Studio in full swing. Our team was counting 13 members and had a bigger stand so we could welcome even more people.  

Great British Cyber Security

Fourth Year - 2014

This year we have even more surprises. Everything's got bigger, the team, the company, the stand and the giveaways. You'll have to come and see us to find out what's new in terms of auditing, compliance and the best cyber security for your organisation. There will be new features to trial on Nipper Studio and a very important announcement that you don't want to miss. 

Stress Free Cyber Security

Without spoiling the surprise, we can assure you that Ian Whiting will be there to give demonstrations of each of our products for the entire three days. At the end of each presentation there will be a Q & A session and a surprise goody bag for all those who want them. We also have a demo area for those of you who want to try the software yourselves and we have an excellent team who has already represented us successfully in Vienna, Las Vegas and Washington at cyber conferences and exhibitions this year.

If you want to know where to find us, we will be on G25, right next to Juniper Networks, Outpost24, Trend Micro, Splunk and SecurEnvoy:

Titania (center) stand G25
Malvern Cyber Security Cluster

You can also find us at Stand C85 as part of the Malvern Cyber Security Cluster, along other members of the cyber valley. 
The partnership is a collaborative effort of cyber security SMEs in the Worcestershire area to raise awareness, encourage the development of cyber skills and address common issues for SMEs in the industry.

On each day of the event, members of the Cluster will be present to talk you through the variety of innovative products and solutions and share best practices on the common topic that brings us all together at Infosec: information security. Among the companies you'll see at the stand are: TitaniaDataSure,  Borwell, Advent IM, Hedgehog Security, Encription Limited, Ascentor, NCSC (National Cyber Skills Centre), IASME (Information Assurance for SMEs), Sutcliffe & Co and others. 

Malvern Cyber Security Cluster (center) stand C85

Tuesday, 8 April 2014

Exhibition Review: Infosecurity Europe

by Nicola Whiting (COO, Titania)

About the Author

Nicola Whiting is Titania’s Chief Operations Officer and has a solid reputation for increasing revenues and profitability within technology based SME environments. She joined the team in 2011 and has overseen a period of intense growth and change. Now Nicola’s focus is on extending the organizational capabilities and workforce skills, in order to continue to embrace innovation.

Infosecurity Europe is an annual show which takes place every April at Earls Court in London (2014’s show is later than normal and the scheduled dates are 29 April - 01 May).

Figure 1. Outside Earls Court during Infosecurity Europe. Photograph provided by Reed Exhibitions (Oct. 2013)
Titania will be exhibiting for its fourth year and we would recommend Infosecurity Europe as a key show for both independent and corporate Penetrations Testers. Not only will it give you a good overview of the tools your customers are using to manage their systems, but you will also gain invaluable information on the latest business critical issues and hot topics.

You can register for FREE entry and there’s plenty of value in attending:

The security professionals “intelligence boot camp”

Seminars are delivered at all levels and include industry focussed topics in both business and technical areas. The keynote theatre is a great place to update on global trending topics and you’ll find both high level guest speakers and strategic end-user panel discussions.

Hot topics for 2013 included application security, business continuity and digital forensics, encryption, managing the human factor, compliance, identity access management, network infrastructure and secure transactions. Whatever current problems are keeping your customers awake at night, you can be sure that the seminars, workshops and keynote theatre will leave you armed with both the issues at hand AND the industry’s best practice advice.

Hundreds of key vendors, thousands of products and services

Infosecurity Europe is on a growth streak and had over 13,000 visitors last year (ABC audited). 

Figure 2. Inside Infosecurity Europe: Photograph provided by Reed Exhibitions (Oct. 2013)
Visitors range from SME’s to large multinationals and from diverse market sectors.

It’s no surprise that leading security vendors choose InfoSec to showcase their latest and greatest innovations.

In a fast paced industry it’s important that, as a security professional, you are able to review your security choice, method and message against the current security marketplace.

Are you getting best value, is there a leaner more efficient way of achieving your current requirements, are you still “ahead of the curve”?

If you’re happy with your current choices it’s also a great opportunity to get an update on the latest features from your current product vendors AND iron out any niggling operability questions! In 2013 there were over 350 key security vendors at Infosecurity Europe, so there’s no better opportunity to see what’s on offer and build some new business contacts.

Multiple Networking Opportunities

Through the exhibition, seminars and workshops, you’ll have the opportunity to network with peers from other sectors, often gaining new and fresh insights into common threat areas.

Many of Titania’s customers are Penetration Testers (who use Nipper Studio to improve their ROI on configuration reviews). Their first-hand experience is that InfoSec is a great B2B opportunity and not to be missed.

If you make it to Infosecurity Europe this year, stop by our stand (G25). We’d love to hear what you think of the show and would be happy to show you our latest products and updates!

Thursday, 3 April 2014

Interop 2014 - What's Hot in Network Security? PCI DSS 3.0, Compliance & National Defence

The last day of the Interop Exhibition has come, so here is an overview of what's been happening so far, in the words of the Titania team greeting you at our stand in Las Vegas: Ian Whiting, Nicola Whiting & Andy Williams. 

Ian Whiting & Andy Williams - setup and ready for Interop
Andy Williams, Head of International Development: "On the first day of Interop we met with a wide variety of IT professionals from business, government and academia, not only from the US but around the world - including Australia, Europe, Asia and the Middle East. Visitors are interested to learn that, although we are a small business based in the UK, we are truly international with clients in 60 countries worldwide."

Andy Williams explaining why Titania is expanding so fast globally
Nicola Whiting is Titania's Chief Operations Officer and she was pleased to notice that "information security is a hot issue at the show with several of the leading network security device vendors present - including those whose devices we support such as Cisco, Dell, HP, Watchguard, Barracuda, and F5."

Nicola Whiting is happy to see that information security is a priority for Interop 2014

Finally, Ian Whiting (CEO) has been in Las Vegas for all three days to answer questions and discuss the latest developments of Nipper Studio 2.3: "Titania’s booth is adjacent to that of the US Government’s National Security Agency. Visitors have been impressed by the fact that Titania supplies extensively to the US government’s security and defence community, as well as to many federal civil agencies.

The person who has all the answers on Nipper Studio -  its developer, Ian Whiting...

... And he loves to demo

IT security representatives from a number of major international corporations such as Bridgestone and Visa have stopped by to catch up on what’s new in the latest versions of our security and compliance audit software. Many have commented favourably on the latest features in the latest release of Nipper Studio. PCI DSS 3.0 compliance reporting functionality in both Nipper Studio and Paws Studio is proving of particular interest."

Update: Day 2 at Interop continued to be very busy and productive for Titania with some of the world's leading technology companies including VMware, Fujitsu and Microsoft taking time to visit us at our booth. It was also great to meet with new contacts from among our US government client base, including the US Navy, The show has also been useful in connecting with a number of leading system integrators, resellers and managed service providers interested in exploring partnerships with Titania as we rapidly expand our US market presence. 

It is great to see such positive feedback, from our customers and visitors alike. Thank you for making Interop 2014 a memorable experience. 

And we look forward to seeing more familiar faces at next year's Interop.

Tuesday, 1 April 2014

Top 20 Exhibitors to Watch at Interop 2014


Browsing through the 100 announcements from exhibitors at Interop 2014, this year seems to bring a flurry of solutions and products focused on synchronising business processes with IT solutions and innovations brought by virtualisation and the concept of Everything-as-a-Service (EaaS), or Software-as-a-Service (SaaS). The great thing about it is that these solutions are not only addressing the technical teams, but have now evolved to be  introduced to management boards, with clear advantages to business efficiency. 

Below we draw up a list of a 20 exhibitors worth watching. We know Interop is a busy time and there are lots of interesting things to do, watch and listen to, but if you haven't got a schedule, you can always start here:

1. Titania
Booth No: 962
Twitter: @TitaniaLimited

Showcases its latest versions of Nipper Studio security auditing software for firewalls, switches and routers. Nipper Studio 2.3 now includes compliance reporting for PCI, with improved vulnerability analysis, using the NIST NVD. Watch out for the demo - new features will be revealed.

Booth No: 627
Twitter: @APCON

APCON will release IntellaFlex 3288-XR– a high capacity, non-blocking network monitoring switch. APCON will also demo its IntellaFlex 36-port 10G Time Stamping and Packet Slicing Blade, a Best of Interop - Performance Finalist.

3. Aryaka
Booth No: 1821
Twitter: @AryakaNetworks

Announces Network OnDemand for enterprises that want to consume global private bandwidth as a metered service. Also provides SaaS in terms of WAN Optimization as-a-Service, Network as-a-Service, Application delivery as-a-Service and Cloud Network as-a-Service. 

4. Basic6
Booth No: 610
Twitter: @basic6

Introduces a console for centralised remote management of embedded devices around IoT. Will present a  multi-vendor demo of wireless global control: of SmartBeacons, Arduinos, and Raspberry Pi's.

5. Catavolt
Booth No: 1359
Twitter: @CatavoltInc

Showcases a mobile app platform which protects business data by not storing it on the device.

6. Cloudpath Networks
Booth No: 739
Twitter: @cloudpath_net

Announces XpressConnect Enrollment System 3.0 the first ADE (Automated Device Enablement) platform, plus they offer some pretty cool socks.

7. Cormant
Booth No: 1363
Twitter: @CormantCS

Announces and demo’s the addition to Cormant CS DCIM (Data Centre Infrastructure Management), Workflow, a configurable engine for all infrastructure tasks. Their solution is also used in supporting InteropNet

8. Emulex
Booth No: 1158
Twitter: @Emulex

Offers its next gen of high performance Ethernet connectivity solutions to the open source community. It is also offering a free Starbucks coffee.

9. Ethernet Alliance
Booth No: 1958
Twitter: @EthernetAllianc

Multi-vendor demo to illustrate Ethernet’s high interoperability - because this is Interop.

10. iLand
Booth No: 616
Twitter: @ilandcloud

Best of Interop Finalist. Showcases  a disaster recovery as-a-service and it recently expanded in the UK to address demands for enterprise cloud services and disaster recovery.

11. Intersog
Booth No: 1145
Twitter: @Intersog

Ranks 3rd inUK top 10 Android developers. Will present extensive mobile development and UX / UI design expertise, along with other enterprise mobile solutions. 

12. NCP Engineering
Booth No: 754
Twitter: @NCP_engineering

Introduces its latest versions of centrally managed IPsec VPN client suite, including Android, Linux, Mac OS Mavericks clients. Simplifies remote access security management, promises better compliance and connectivity regardless of space, time or device. It also offers a 'Remote Access VPN for Dummies' book.

13. NEC
Booth No: 1839
Twitter: @NEC

UNC (Unified Network Coordinator) together with the latest version of Programmable Flow Networking Suite promise to enable construction and organisation of virtual networks within and across data centres. NEC is also a Gold Sponsor for the SDN workshop, on April 1st, and a Best of Interop Finalist.

14. OpenGear
Booth No: 639
Twitter: @Opengear

OOB (out-of-band) provider for Interop NOC (Network Operation Centre).  Presents IM7200 – a tool for remote management of data centres and critical infrastructures.

15. Path Solutions
Booth No: 1951
Twitter: @goPathSolutions

Another Best of Interop Finalist and Interop NOC provider.  Brings TotalView5 for real-time performance monitoring and optimization for IP networks. 

16. Procera Networks
Booth No: 550
Twitter: @ProceraNetworks

Demo’s NAVL (Network Application Visibility Library) which promises high performance network insights with a minimal consumption of resources.

17. Scale Arc
Booth No: 2058
Twitter: @ScaleArc

Announces ScaleArc for SQL Servers 3.1 – a new version of its database traffic management software. Watch out for the prize draw.

18. Server Technology
Booth No: 842
Twitter: @ServerTechInc

Presents HDOT (High Density Outlet Technology) which monitors power and temperature usage, while watching the alarms closely right down to outlet / device level. Server Technology is also a provider for the InteropNOC.

19. Smart File
Booth No: 2351
Twitter: @SmartFile

Comes with a breakthrough in network file management – FileHub. Adds advanced search, detailed reporting, compliance and easy manangement to existing storage. Also a Best of Interop Finalist.

20. Stratus Always On
Booth No: 1360
Twitter: @StratusAlwaysOn

Introduces it next-gen software solution everRunEnterprise; a downtime prevention software for Windows and Linux applications with built-in disaster recovery. Best of Interop Finalist.

We hope you found this review useful and we'd love to hear your thoughts on Interop Las Vegas 2014, in the comments below.

Wednesday, 26 March 2014

Titania at Interop 2014 - Coming to America

… Except unlike Eddie Murphy, we’re not coming to get a bride. We’re coming to show off Nipper Studio and Paws Studio – the network security software, that gained praise all over the world from government agencies and departments like the FBI, Department of Defense, The Treasury, the Department of Energy as well as corporate giants (Cisco, HP, Verizon to name just a few).

Penetration testers in over 60 countries have chosen us and have not been disappointed, why don’t you visit us at booth 962 to find out why? We’ll be there from Tuesday (1st April 2014) to Thursday (3rd April 2014).

Why Interop?

It’s a chance for you to meet the team, find out what we do and trial our cyber security solutions. It is also a chance for us to meet with interesting people, future clients and keep up with the latest trends in the world of networks, security, auditing and compliance. We would also like to take part in thought-provoking discussions and strengthen our relationships across the Atlantic. With 60% of our business taking place in the United States, we are sure to meet some familiar faces for a good catch up over those famous American pancakes.  


What do we expect?

As we put the finishing touches to the preparations for the show, there’s a tinge of excitement over what the experience will be like. There’s no doubt this is one of the biggest independent IT conferences of the year.  So many infosec professionals all in one place; it’s bound to be a buzzing atmosphere, filled with BYOD, SDN, IoT all sprinkled with lots of LEDs. If there’s anything that won’t be missing that’s the flashing lights.

The expo floor has seen a lot of changes in the 28 years that it’s been running filled with weird and wonderful things from the flying monkeys, to cars and motorbikes, either as props or as giveaways. Yet, the infosec community still gets excited by the quality of the talks, the disruptive technology and the efficacy of the workshops. Striking the right balance between work and fun makes sense, doesn't it?

But we expect to see plenty of security conscious organisations and government representatives, to filter through the flash and glitz in search for the best cyber solutions. After all, it’s not for nothing that the US is at the forefront of cyber defence, is it? And it explains why Titania has thrived in the American information security market.  

What do we have for you?

Our very own CEO – Ian Whiting, an experienced infosec professional, previously certified by CESG (Communications-Electronics Security Group) - will be there to answer your questions. Plus we have an expert team ready to give you all the information you need and a tool which brings even more features to answer the ever-increasing demands of today’s CIO. Andy Williams, Titania's Head of International Development is experienced in liaising with companies across the ocean having worked for 6 years as an international trade advisor for the US Department of Commerce, at the American Embassy in London. Or in fewer words, he’s our go-to expert for those interested in a serious business relationship.

Aside from reading about our products, we suggest you also stop by for a quick demo and an evaluation license, so that you can take your time and try out our software, after the Interop party.

Monday, 24 March 2014

Listening to the Network

by Ian Whiting (Titania, CEO)

About the Author 

Ian has been working with leading global organizations and government agencies to help improve computer security for more than a decade. He has previously been accredited by CESG for his security and team leading expertise for over 5 years. In 2009 Ian Whiting founded Titania with the aim of producing security auditing software products that can be used by non-security specialists and provide the detailed analysis that traditionally only an experienced penetration tester could achieve.

My favourite tool for monitoring network traffic with a graphical environment is Wireshark, on a command line then I would commonly use TCPDump. Both tools are mature products that have been around for years, and if you are a penetration tester you have most likely already used either one or both of them.

Many years ago now, when network hubs were used, the quantity of network traffic arriving at my laptop used to be huge. In today’s modern switched networks you usually no longer get to see network traffic that was sent to a specific network address. However it is still worth checking to see if you can see traffic that should not be visible in a switched environment. I have had to report to clients on a number of occasions, instances where I have been watching network packets that I simply should not have seen. I have recently seen a network hub still being used on a network that should have long since been replaced. In this case the company being tested was a financial organisation supplier and the network traffic on the hub contained data from several competing financial clients.

A common network protocol I see used on networks is Link Layer Discovery Protocol (LLDP), which is used for advertising the capabilities of the sender. LLDP is useful when combined with network management software, but it is also useful information for an attacker. The screenshot from Wireshark (see Figure 1) highlights a captured LLDP packet. You can clearly see that it contains information such as the make, model and software version from the switch; in this case it is a Brocade ICX running IronWare 7.4.00T311. Using that information it would be trivial for an attacker to review a vulnerability database and then download any exploit code for vulnerabilities. The information could also be used to obtain default passwords and other configuration settings that may not have been changed by the network administrator.

Figure 1. LLDP packet
Some manufacturers have developed their own variation of LLDP, the most prevalent of which is the Cisco Discovery Protocol (CDP). Although CDP is a Cisco proprietary protocol it has appeared on other manufacturer’s equipment too. You can see from the Wireshark CDP packet capture screenshot (see Figure 2), that the information in CDP also includes the software platform and version. You may have noticed that both LLDP and CDP include the management address of the devices, very useful.

Figure 2. CDP packet
The Cisco CDP also includes VLAN Trunking Protocol (VTP) domain information, which is also included in the Dynamic Trunking Protocol (DTP) packets (see Figure 3).

Figure 3. DTP packet

VTP is designed to make network administration easier by enabling the propagation of changes to the VLANs on the network, such as adding and removing VLANs over multiple network switches. VTP can be configured in server, client or transparent /off modes. If a switch is in server or client mode it is possible to modify the VLAN configuration on the switch if you can determine the VTP password. Therefore the presence of VTP could potentially pose a serious risk to a network, especially when a weak password has been set. 

The VTP password is not easily tested over the network without modifying the VLAN configuration (or destroying it), Nipper Studio can be used to review the actual configuration in order to determine its state without jeopardising the network (see Figure 4). It certainly would not make you a very popular penetration tester if you took down a customer’s network by removing all their VLANs.

Figure 4. Nipper Studio
A tool called Yersinia can be used to monitor the network in a similar manner to Wireshark, but it separates out protocols such as CDP, DTP and VTP in easy to review sections. However I would recommend using this tool with caution as it includes a number of network attacks such as using VTP (see Figure 5).

Figure 5. Yersinia

It is sometimes possible to audit the routing protocols present on the network by passively listening to the network traffic. Even though I should not be seeing routing protocol traffic when plugging in to a standard network port, at least the following Open Shortest Path First (OSPF) packet capture shown in the next example (see Figure 6) shows that MD5 authentication has been configured.

Figure 6. OSPF packet
However I have often seen routing protocols where either no authentication is configured or default credentials are transmitted with no encryption. In the next example (see Figure 7), Routing Information Protocol (RIP) version 1 is being used which has no support for authentication.

Figure 7. Vulnerable Routing Information Protocol
There are a huge number of other interesting protocols that have not been covered in this article, such as Dynamic Host Configuration Protocol (DHCP). However hopefully this article has bestowed a renewed understanding that simply listening to what the network has to communicate can highlight some security issues. These are issues which can be, and are too often, missed when security assessments place too great a focus on the results of network scanners.