PaulDotCom mailing list archives
Re: Not scanning production
From: Ron Gula <rgula () tenable com>
Date: Wed, 31 Oct 2012 16:25:24 +0000
Hey there, What problem are you trying to solve? If you are required to scan a production system because of something like PCI, copying it off to the side may be a good place to start to look for holes, but in the end, you won't be able to use that for submission. If only you could tell the 100s of botnets and hackers that scan the site each day that its a production site Š. Ron Gula On 10/31/12 12:15 PM, "Patrick Laverty" <patrick_laverty () brown edu> wrote:
Ok, newbie here... I was asked to scan a web site that we were told is vulnerable. So I'm copying the site over to my Dev server and each time I manually click on links, I see it sends my request to production. I went through the .htaccess file and changed everything to point to my Dev server. It still goes to prod. I dig in a little further and sure enough, most of the links in the hundreds of pages are hardcoded to the prod site. What's the safest way to get around this? Set the /etc/hosts file on my scanning machine to point to my Dev server? I want to make 100% sure that my scan never hits the production server. Suggestions? Thank you. _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Not scanning production Patrick Laverty (Oct 31)
- Re: Not scanning production Ron Gula (Oct 31)
- Re: Not scanning production Arch Angel (Oct 31)
- Re: Not scanning production Barry Von Ahsen (Oct 31)
- Re: Not scanning production Bacon Zombie (Oct 31)
- Re: Not scanning production Conrad Constantine (Oct 31)
- Re: Not scanning production Arch Angel (Oct 31)
- Re: Not scanning production Barry Von Ahsen (Oct 31)
- Re: Not scanning production James Condron (Oct 31)
- Re: Not scanning production David3 (Oct 31)