Security Basics mailing list archives

Re: web server chacking.

From: dallas jordan <dallas.jordan () gmail com>
Date: Thu, 30 Jun 2005 14:28:13 -0500

Juan, 
   I think nessus is one good tool you could use.  I think you could
also use Nikto.  It scans for many vulnerabilities in web servers.  
Both of these may already come on some bootable linux distros.  I know
nessus is pretty standard, but I'm not sure about nikto.

www.nessus.org
http://www.cirt.net/code/nikto.shtml

On 6/30/05, Juan B <juanbabi () yahoo com> wrote:

HI,

I want to start chacking the security of some of our
web servers. I use open source tools ( whoppix/knoppix
cd).

what are the best open source tools to check the
security of those webs ( checking for buffer
overflows, cross site scripting,IIS holes,etc..)

thanks,

Juan



____________________________________________________
Yahoo! Sports
Rekindle the Rivalries. Sign up for Fantasy Football
http://football.fantasysports.yahoo.com



-- 
Dallas Jordan CCNA, CISSP

Current thread:

RE: web server chacking. Roberts, Scott (Jul 04)
- <Possible follow-ups>
- Re: web server chacking. Kim Guldberg (Jul 04)
- Re: web server chacking. dallas jordan (Jul 04)
- Re: web server chacking. security-basics (Jul 05)
  - Radius Profiles for Cisco using IAS nmas (Jul 11)