Penetration Testing mailing list archives
LAMP and postfix-dovecot security
From: admin <admin () propergander org uk>
Date: Sat, 17 Oct 2009 17:54:08 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I am very much new at administrating a LAMP/email server, although I have administered, fixed and secured Windows systems for around five years. I have built a system based on Ubuntu 9.04 running services are ssh, LAMP, and Postfix with Dovecot. Everything is working fine, as far as my limited knowledge allows me to deduce such workings. I eventually plan to expose this system to the Internet after I investigate integrating ClamAV, PostfixDspam, the SPF package and Forum software. But before I take this any further, I wish to security test the existing system. As a novice security researcher I am looking for advice and links to tips and tools which will allow me to test all of the currently installed components from a security perspective. I will worry about the rest at a later date. I have googled but I would take me days to separate the wheat from the chaff. So far I have come across although not used Nikto, Nessus, DenyHosts. I am also aware of and have used to a limited extent Backtrack and KCPentrix live CD's Can anyone please offer sources of information and tools on hardening and pentesting the services I currently use. Thanks Dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFK2fawBStvyIzJtOARAnPQAJwLYqp23ZOavSXeZDh/PAzoM74ynwCcC9Rv byLHWYRXYn0DM1G0eNzohVw= =ycDl -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- LAMP and postfix-dovecot security admin (Oct 19)
- Re: LAMP and postfix-dovecot security Joe Peters (Oct 21)
- Re: LAMP and postfix-dovecot security admin (Oct 27)
- Re: LAMP and postfix-dovecot security Claudio Criscione (Oct 27)
- Re: LAMP and postfix-dovecot security admin (Oct 27)
- Re: LAMP and postfix-dovecot security Joe Peters (Oct 21)