Apache Vulnerability Scanner
Results 1 to 10 of 10

Thread: Apache Vulnerability Scanner

  1. #1
    Banned
    Join Date
    Jul 2004
    Posts
    119

    Apache Vulnerability Scanner

    im running a windows port of Apache HTTP Server, which i was hoping to upgrade but due to "MSI" files i get errors so blah. im wondering if someone knows a good tool that i can use to scan my server for vulnerabilities. ive tried n-stealth i believe it is, but it tells me "host not found". so pretty much its of no use to me respectively. any info would be helpful.

  2. #2
    Junior Member
    Join Date
    Mar 2004
    Posts
    5
    Nessus should do the trick >>> http://nessus.org/

    -w00kie

  3. #3
    Senior Member
    Join Date
    Oct 2004
    Posts
    122
    search on http://packetstormsecurity.nl for the same
    nobody is perfect i am nobody

  4. #4
    Banned
    Join Date
    Jul 2004
    Posts
    119
    cool, i found nessus was unix only, but i guess they ported it to windows called NeWT

  5. #5
    Banned
    Join Date
    Jul 2004
    Posts
    119
    all the good tools ive found suck. because they are mostly made for unix/linux and are ported to windows they are not as...stable. some require winpcap which crashes my comp every time i install it and try to use a program that requires it. i need someone who has ethics to help me test my web server from a linux/unix based system with these tools. i will give authorization to test my system but not mess with my files. but of course thats a natural thing i place a lot of trust in the experienced user to help me identify my flaws to fix.

  6. #6
    Senior Member
    Join Date
    Oct 2004
    Posts
    122
    Originally posted here by karmine
    i need someone who has ethics to help me test my web server from a linux/unix based system with these tools. i will give authorization to test my system but not mess with my files.
    You are making a mistake never trust a person whom you don't even know how would you determine that the person claiming to be ethical is not a bad boy?
    Did you try shadow security scanner?
    If not try it.
    nobody is perfect i am nobody

  7. #7
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    The only thing I can recommend short of finding another machine and setting it up with Linux is using VMWare to install a virtual machine [running Linux - try Knoppix-STD or PHLAK for security-rich distros, they're actually LiveCDs too] and testing your server like that.

    It might seem a bit complicated but I assure you it's not... IIRC VMWare comes with a trial version - and for your purposes it should give you enough time to thoroughly test the server out.

    Cheers!
    /\\

  8. #8
    Banned
    Join Date
    Feb 2004
    Posts
    29
    You should also try nikto

  9. #9
    Banned
    Join Date
    Jul 2004
    Posts
    119
    i cant use nikto. for some reason there is a ver for windows, but it seems i cant find it....thus i need to compile it. and i havent got a good compiler for such projects.

  10. #10
    Originally posted here by hypronix
    The only thing I can recommend short of finding another machine and setting it up with Linux is using VMWare to install a virtual machine [running Linux - try Knoppix-STD or PHLAK for security-rich distros, they're actually LiveCDs too] and testing your server like that.
    What about Whitehat Knoppix - WHoppix 2.5 ?
    WhiteHat Knoppix (WHoppix) is a knoppix 3.6 remaster designed to be a standalone penetration testing toolkit. Heavily modded by muts, WHoppix includes a full set of penetration testing tools and a huge repository of exploits (Framework 2.2, Packetstorm and Securityfocus exploit archives).
    http://www.whoppix.net/

    It will pretty hard to get a connection for download since they have a lot of traffic.

    PS
    I did check knoppix website and there is no v 3.7 - the last that i downloaded was 3.6. I didn't look too deep into this though.

    Cheers

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides