I have recently installed a Web Server on my PC. I want to test how much vernable it is. I want to learn how to search for its weaknesses and exploits. I am a complete newbie in this field so I atleast need to get started. Thank you.
Printable View
I have recently installed a Web Server on my PC. I want to test how much vernable it is. I want to learn how to search for its weaknesses and exploits. I am a complete newbie in this field so I atleast need to get started. Thank you.
start by searching for pre-existing vulnerabilities...
you can do this by searching
>bugtraq (www.securityfocus.com)
>packetstorm (www.packetstormsecurity.com)
>google (www.google.com)
There are also vulnerability scanners. You can always try and find a copy of the source code to your daemon and look for unchecked buffers, et cetera...
A few questions: What OS and http daemon are you running? Do you have any web applications or CGI deployed?
Well I might as well ask, because if I don't someone else will. You are going to have to give us more info.
What OS is the WEB Server installed on?
What kind of WEB Server is it?
What, if any, patches have you applied to both the OS & the WEB Server.
Come on, throw us a bone here mate, we are good, but we don't read minds.
Cheers:
I have Win 98 and the http daemon is Abyss Web Server. Its executable is avaiable for free.
The reason why I did not give any specific info is because I wanted a general approach of finding vernablities that I can apply to any OS and daemon.
Ok I have used Abyss web server before ( a long time ago). There were vulnerabilities back then. Don't know now. Ok I will give you a link to a tool that I might get negged for. It is a tool that can be used for both evil and good. Hopefully you will use it for good. It is at http://www.eeye.com/html/Products/Retina/index.html It is called Retina there is a free download for trial purpose. Very good security software at www.eeye.com just be aware that it is pretty expensive to buy the software. Well it is expensive for my pockets at least. I have seen it being used on Techtv before and it works well. Good luck let us know if that fits your needs.
I use a linux product called nessus. I find it very useful for checking the security of my work servers etc. if you want you can mail me the ip address and I will scan your server and email you the report it produces back.Quote:
Originally posted here by niloy
I have recently installed a Web Server on my PC. I want to test how much vernable it is. I want to learn how to search for its weaknesses and exploits. I am a complete newbie in this field so I atleast need to get started. Thank you.
HTH
Mail me at:
post at stephen-milner dot me dot uk
I will second this (along with almost everyone else here at AO). The only *bad* thing (which isn't necessarily bad) is that you have to run the nessus server on a *nix based machine. They have a front end for nessus on win32 machines, but that will do you no good unless you have the server to connect to. I'd be impressed if you could find a public nessus server to connect to.Quote:
I use a linux product called nessus. I find it very useful for checking the security of my work servers etc.
If you have a spare machine, I'd suggest loading *nix on it so you can get the feel of the broad range of tools available for both win32 and *nix. It would be well worth it depending on how much you are trying to learn. The best part is that *most* of the tools you get for *nix are free. Most of the good tools for windows are shareware or commercial (though you can still find *some* freeware good tools for win32 that are decent). Just so you know what I mean by broad range... have a look at the "top 75 security tools "
abyss brute forcing -> http://packetstorm.linuxsecurity.com...byss.brute.txt
abyss DoS vuln -> http://packetstorm.linuxsecurity.com...oits/abyss.txt
as for windows98, i didn't search for anything. but am aware of it's multiple DoS vulnerabilities...