-
March 5th, 2004, 06:38 PM
#1
Apache and PHP security check tool
A while ago, I posted links to securing apache and php.
SecurityFocus HOME Infocus: Securing Apache: Step-by-Step
SecurityFocus HOME Infocus: Securing PHP: Step-by-Step
Now there is a tool to scan for security config errors.
TrustSight Security Hardening Tool v 1.0 Beta
by Syhunt Inf. Ltd.
< http://www.syhunt.com/section.php?id=sec_hardening >
Platforms: Linux, Windows 2000, Windows 95/98, Windows NT, Windows XP
Score: Not scored yet
TrustSight Security Hardening Tool parses the web server's configuration files to detect security configuration errors. Examines the web server's security configuration with close to 50 security checks. Supports Apache and PHP configuration files. Produces simple, easy to read reports.
It's just in beta... but still worth a look/test.
Enjoy! BTW: Check out some of the other new tools... some pretty interesting stuff.
http://www.securityfocus.com/tools
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
March 7th, 2004, 12:21 AM
#2
Has anyone had a chance to test this yet?
Your thoughts/opinions? I haven't yet had a chance to test it myself...
-
March 7th, 2004, 07:57 AM
#3
I'll try to test it tomorrow.
-
March 7th, 2004, 09:24 PM
#4
I just ran it against my intranet server. It's not on the internet, but I use it to learn and to keep frequent reading material, links and the such. Here is the output from it.
TrustSight Security Hardening Report
TrustSight Security Hardening Tool report for httpd.conf ("S:\httpd\conf\httpd.conf")
Date: 03/07/2004 3:31:49 PM
TrustSight Security Hardening Tool - Session Details
Paranoid Mode: Yes
3 recommendation(s)
ServerTokens directive
Line: 31
It is recommended to modify the ServerTokens directive to ServerTokens ProductOnly. After this change, Apache doesn't disclose information about its version.
ServerSignature directive
Line: 920
It is recommended to modify the ServerSignature directive to ServerSignature Off
mod_security.c module
mod_security.c module not found. We recommend to enable the mod_security module - The mod_security module can help protect against Cross Site Scripting (XSS) and SQL injection. Detailed information can be found at: http://www.modsecurity.org
v1.0.0 BETA. New versions will be announced on the Syhunt homepage at: www.syhunt.com
I had to run it on my xpbox, with a drive temporarily mapped to my linux box.
I could have simply copied the file over but it was faster and easier this way.
Guess I have a bit of "hardening" to do... but it's not on the web... so I have some more time to figure out exactly what all this is. I'm not too experienced with webservers. I've never really needed them except for little things that I do.
Anywho, that's the kind of reports it gives. Mind you, this is a default config that was installed with RH9. Oh, and I'm not using mysql or php.
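To make the kind of checks the tool in post #1 describes and the report in post #4 shows concrete, here is a small added example of an httpd.conf checker written in Python. It is not the TrustSight tool's code and not from anyone in this thread; it reproduces the three findings in the report above (ServerTokens, ServerSignature, and no mod_security module loaded) against a constructed sample config that resembles an RH9-era default. The directive names and accepted values (ServerTokens Prod/ProductOnly, ServerSignature Off) are real Apache syntax; the sample file contents, the finding wording and the function names are assumptions made for this example.

```python
"""Minimal Apache httpd.conf hardening checker (added example; not the
TrustSight tool's own code). Flags the same three items as the report
quoted in the thread: ServerTokens, ServerSignature and mod_security."""
import re
from typing import List, Optional, Tuple

# Constructed sample config resembling a default RH9 install (assumption).
SAMPLE_HTTPD_CONF = """\
# This is the main Apache server configuration file.
ServerTokens OS
ServerRoot "/etc/httpd"
LoadModule access_module modules/mod_access.so
# LoadModule security_module modules/mod_security.so
ServerSignature On
"""

# A hardened variant of the same file, for comparison (constructed).
HARDENED_HTTPD_CONF = """\
ServerTokens Prod
ServerRoot "/etc/httpd"
LoadModule access_module modules/mod_access.so
LoadModule security_module modules/mod_security.so
ServerSignature Off
"""

# "Directive arguments" on a single line; <IfModule ...> style section
# tags do not start with a word character and are skipped on purpose.
DIRECTIVE_RE = re.compile(r"^(\w+)\s+(.*?)\s*$")

Finding = Tuple[Optional[int], str]


def parse_directives(text: str) -> List[Tuple[int, str, str]]:
    """Return (line_no, directive, args) for every non-comment line."""
    out = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        match = DIRECTIVE_RE.match(line)
        if match:
            out.append((line_no, match.group(1), match.group(2)))
    return out


def check_httpd_conf(text: str) -> List[Finding]:
    """Return (line_no or None, recommendation) for each weak setting."""
    findings: List[Finding] = []
    seen_tokens = False
    has_modsec = False
    for line_no, name, args in parse_directives(text):
        lname = name.lower()
        if lname == "servertokens":
            seen_tokens = True
            # Apache accepts both "Prod" and "ProductOnly".
            if args.lower() not in ("prod", "productonly"):
                findings.append((line_no, "ServerTokens %s: set ServerTokens ProductOnly" % args))
        elif lname == "serversignature":
            # Default is Off, so only an explicit On/EMail is a finding.
            if args.lower() != "off":
                findings.append((line_no, "ServerSignature %s: set ServerSignature Off" % args))
        elif lname in ("loadmodule", "addmodule") and "mod_security" in args.lower():
            has_modsec = True
    if not seen_tokens:
        # ServerTokens defaults to Full when the directive is absent.
        findings.append((None, "ServerTokens not set (defaults to Full): add ServerTokens ProductOnly"))
    if not has_modsec:
        findings.append((None, "mod_security module not loaded: consider enabling mod_security"))
    return findings


def format_report(findings: List[Finding]) -> str:
    """Render findings in a plain, report-like form."""
    lines = ["%d recommendation(s)" % len(findings)]
    for line_no, message in findings:
        where = "Line: %d" % line_no if line_no is not None else "Line: n/a"
        lines.append("%s  %s" % (where, message))
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_report(check_httpd_conf(SAMPLE_HTTPD_CONF)))
    print("--- hardened ---")
    print(format_report(check_httpd_conf(HARDENED_HTTPD_CONF)))
```

Run it as-is to see the three recommendations for the sample config and none for the hardened variant; to check a real file, read it into a string and pass it to check_httpd_conf. The checker looks only at single-line directives and ignores Include files and conditional sections, which is enough to illustrate what a config scanner of this kind does but not a substitute for one.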
-
March 7th, 2004, 09:45 PM
#5
Hey Hey,
Very cool tool. I'll definitely be passing it on to the person who maintains our helpdesk (it's apache w/ php.. I may even run it later on today if work stays this quiet).
I ran it against my laptop. I'll also run it on my desktop tonight and try and post the results so that you can compare them. Anyways this laptop has EagleX installed on it. I haven't reconfigured anything, I've just gone with the default configuration, since it only listens on the loopback. Feel free to browse the results and enjoy!
Report - httpd.conf
Report - php.ini
Peace,
HT
-
March 7th, 2004, 10:40 PM
#6
HT
I have a newly configured machine with eaglex on it too. I left it at the default config too.
You'd think that a "security tool" would have tried to beef up security on their install?
The apache, mysql and etc. should all be locked down at install, since they are only being used for one thing. You don't need to be very flexible with that. The only thing they need to be flexible with is the updating and the snort config files.
I'm still learning snort, so it is very sensitive. I have to fine tune it. It reports that every website I visit is portscanning me! lol Well, that's for another day...
-
March 7th, 2004, 11:27 PM
#7
Hey Hey,
I've been having the same problem. I get constant alerts, every time I load a website.. it's a port scan apparently. Although I've been having quite a few problems with EagleX and snort in Windows (this is my first time running it in Win). Oink doesn't run properly, it crashes out and gives errors. I even modified the perl script so it would get the correct file and now it can't decompress it. I also get dB failures all the time and MySQL won't start by default like the installer says it's supposed to. However I'm playing with it on my laptop which I only use at work, so I'll see what happens when I sink more time into it.
Peace,
HT
-
March 8th, 2004, 03:33 AM
#8
Yeah, I had that problem with the updates too. Just change the location of oink from /syg***/oink/etc to c:\rest of path. I don't have that box booted at the moment.
But, that's how I fixed it. It updates just fine. Though, you may want to change the file it downloads to the current one, rather than stable one? Works ok for me.
I still get all those port scans though. I'll have to figure that out. I don't have a book for snort yet... and I hate reading big docs on websites. Gives me a headache.