Security Basics mailing list archives
RE: web server chacking.
From: "Roberts, Scott" <scottroberts () hersheys com>
Date: Thu, 30 Jun 2005 14:47:28 -0400
It sounds like what you really want is Nessus. Nessus is an open source vulnerability scanner that does many of the same functions as more expensive commercial scanners, and is included in most Knoppix distros (I'd recommend Knoppix STD). In addition you should probably run Nmap against it using a few different scan types. Those two open source tools should give you a pretty good idea of where to start with improving your server security. Scott J. Roberts ------------------------ scottroberts () hersheys com "We've been in the biggest beta test there is, for years. We call it Windows." --Victor Wheatman, managing VP for Gartner Group -----Original Message----- From: Juan B [mailto:juanbabi () yahoo com] Sent: Thursday, June 30, 2005 9:20 AM To: security-basics () securityfocus com Subject: web server chacking. HI, I want to start chacking the security of some of our web servers. I use open source tools ( whoppix/knoppix cd). what are the best open source tools to check the security of those webs ( checking for buffer overflows, cross site scripting,IIS holes,etc..) thanks, Juan ____________________________________________________ Yahoo! Sports Rekindle the Rivalries. Sign up for Fantasy Football http://football.fantasysports.yahoo.com
Attachment:
smime.p7s
Description:
Current thread:
- RE: web server chacking. Roberts, Scott (Jul 04)
- <Possible follow-ups>
- Re: web server chacking. Kim Guldberg (Jul 04)
- Re: web server chacking. dallas jordan (Jul 04)
- Re: web server chacking. security-basics (Jul 05)
- Radius Profiles for Cisco using IAS nmas (Jul 11)