RE: vuln testing

From: Kumra, Vipul (vkumra_at_ipolicynetworks.com)
Date: 07/27/05

  • Next message: Kristine Amari: "Re: Packet analysis and protocol analysis"
    Date: Wed, 27 Jul 2005 08:57:01 +0530
    To: "Adam Kane" <kane@linkitsoftware.com>, <security-basics@securityfocus.com>
    
    

    Hi Adam,

    To start with you can try with Nessus to check for the vulnerabilities and then use Metasploit framework to exploit it.

    http://www.nessus.org/

    http://www.metasploit.com/

     

    Regards,
    Vipul Kumra
    iPolicy Networks Pvt. Ltd
    SDF B1 NEPZ
    Noida - 201305
    Tel : 91 - 120 - 2567002 extn 131
    Email : vkumra@ipolicynetworks.com
    Web: www.ipolicynet.com

    -----Original Message-----
    From: Adam Kane [mailto:kane@linkitsoftware.com]
    Sent: Tuesday, July 26, 2005 2:04 AM
    To: security-basics@securityfocus.com
    Subject: vuln testing

    Hi all,

    I'm wondering what free and easy to use tools are available to run
    vulnerability testing on my web servers. I want to know if a web server
    has security holes and/or flaws, etc. Any suggestions are appreciated.
    Thanks!


  • Next message: Kristine Amari: "Re: Packet analysis and protocol analysis"

    Relevant Pages

    • [Fwd: CERT Advisory CA-2002-05 Multiple Vulnerabilities in PHP fileupload]
      ... Multiple vulnerabilities exist in the PHP scripting language. ... installed on a variety of web servers, including Apache, IIS, Caudium, ... Updates to the PHP packages are in progress ...
      (comp.os.linux.security)
    • HPing?
      ... vulnerabilities, that the web servers we host are vulnerable to HPing ... possible to ping the box via port 80 and thus open to service denial ... Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ...
      (Security-Basics)
    • Re: HPing?
      ... > vulnerabilities, that the web servers we host are vulnerable to HPing ... Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ... and see how you can get plug-n-play secure remote access in ...
      (Security-Basics)
    • RE: vuln testing
      ... Subject: vuln testing ... vulnerability testing on my web servers. ... has security holes and/or flaws, ...
      (Security-Basics)
    • Re: What port to use for web server?
      ... >> There is nothing wrong to run web servers on their default port 80. ... > and then BLOCK attempted exploits for vulnerabilities for which no ... > patches are yet available? ... If it isn't secured it doesn't matter what port he's running it on. ...
      (comp.security.firewalls)