| Robert Melson 2006-05-19, 1:26 am |
| [Posted and mailed]
In article <1148005057.967260.143130@j73g2000cwa.googlegroups.com>,
"ship" <shiphen@gmail.com> writes:
> Can any of you good people recommend a site or some freesoftware
> that you can run to test all the ports on a webserver - which would
> give a level of reassurance that at least the basics are covered.
>
> What I'm thinking of is that I paste my webserver's IP number
> into some (reasonably trustworthy!) website and they have a go
> at breaching the webserver using some automated tools....
>
> Anyone know of such a thing?
>
> Later when we have a budget we might pay for such a thing but not
> just right now...
>
>
> Ship
> Shiperton Henethe
>
Dunno about a site, but you might want to look into nessus as your security
tool: http://www.nessus.org
Open source, public domain security scanner that may be just what the doctor
ordered in your circumstance. Does NOT require a rocket scientist to install,
configure or use, tho' whether it's available for gatesware is another question
and one to which I don't have an answer. Check out the website.
There used to be - maybe still is - a security "scanner" called, variously,
SATAN/SANTA which excited a lot of controversy when first released in the
public domain. Also caused lots of problems through misuse. This is, of
course, a problem with all port scanners, particularly if you don't set the
boundaries of the search correctly.
HTH
Bob Melson
--
Robert G. Melson | Rio Grande MicroSolutions | El Paso, Texas
-----
Under democracy one party always devotes its chief energies to trying to prove
that the other party is unfit to rule---and both commonly succeed, and are
right." ---H. L. Mencken
|