Pen Test tools - Security


Thread: Pen Test tools

  1. Pen Test tools

    Hi there, I'm trying to collect a list, or something, of all your
    favorite tools to perform penetration tests and I want some help :-)
    Could you tell me which tools you use to scan your server to find
    vulnerabilities? That's because I've just configured a Debian machine
    that's working as a web server with some important information. It also
    has ssh access, mysql, and ftp.
    Right now I'm just using nmap, and that list located at nmap's website
    is not so up to date.

    Any comment will be well received.

    Thanks a lot.


  2. Re: Pen Test tools

    On 2006-04-22, geek_stardust wrote:
    > Hi there, I'm trying to collect a list, or something, of all your
    > favorite tools to perform penetration tests and I want some help :-)
    > Could you tell me which tools you use to scan your server to find
    > vulnerabilities? That's because I've just configured a Debian machine
    > that's working as a web server with some important information. It also
    > has ssh access, mysql, and ftp.
    > Right now I'm just using nmap, and that list located at nmap's website
    > is not so up to date.
    >
    > Any comment will be well received.
    >
    > Thanks a lot.
    >

    Nessus is supposed to be good from what I've heard and read. It'll scan
    a machine for open ports and look for known vulnerabilities or risks of
    the servers and their configuration on those ports. There are certainly
    other tools which are worth trying.

    Kind regards

    Manuel
    --
    Homepage: http://www.hinterbergen.de/mala
    OpenPGP: 0xA330353E (DSA) or 0xD87D188C (RSA)

  3. Re: Pen Test tools

    "geek_stardust" (06-04-22 12:00:02):

    > Hi there, I'm trying to collect a list, or something, of all your
    > favorite tools to perform penetration tests and I want some help :-)
    > Could you tell me which tools you use to scan your server to find
    > vulnerabilities? That's because I've just configured a Debian machine
    > that's working as a web server with some important information. It also
    > has ssh access, mysql, and ftp.
    > Right now I'm just using nmap, and that list located at nmap's website
    > is not so up to date.


    Well, my practice is to configure all services by hand, not using any
    example configuration files. Then, since I know my own configuration
    well, I can test the services for obvious vulnerabilities myself.

    The problem with those penetration testing tools is that there is no
    really good one. Real security problems are often not very obvious and
    those tools mostly find only obvious problems. For example my Apache is
    running with mass virtual hosting enabled. For every host, there is a
    directory. Some time ago, I detected that this led to information
    disclosure, when the client sends an empty Host header. Interestingly,
    I find this to be a very common configuration mistake on others'
    servers, if mass virtual hosting is in use. But neither Nikto nor
    Nessus report it.

    You're perfectly fine using Nmap only to find possible entrances, and
    then testing those by hand. Often it's enough to verify the
    configuration file and check that the daemon running is not far too
    old. This implies that you should keep your machine up to date. When
    you have a security problem arising from a bug, then there isn't much
    you could do anyway, unless you're a developer.


    Regards.
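
A simplified model of the empty-Host case described in the post above, added here as an example; it is not code from the thread or from Apache. It assumes the Host value is interpolated directly into a per-host directory path, and `VHOST_ROOT`, `DEFAULT_DOCROOT` and the function names are hypothetical.

```python
"""Simplified model of host-based directory mapping (mass virtual hosting).
Constructed for illustration; this is not Apache's code."""
import posixpath
import re

VHOST_ROOT = "/srv/vhosts"        # assumed layout: one directory per host
DEFAULT_DOCROOT = "/srv/default"  # assumed catch-all site holding no host data

# Hostname: dot-separated labels of letters, digits and hyphens.
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
_HOSTNAME = re.compile(rf"{_LABEL}(?:\.{_LABEL})*")


def naive_docroot(host_header):
    """Weak form: the Host value goes straight into the path."""
    host = (host_header or "").split(":")[0]
    # An empty host collapses to VHOST_ROOT itself, the parent of every site.
    return posixpath.normpath(posixpath.join(VHOST_ROOT, host))


def strict_docroot(host_header, known_hosts):
    """Hardened form: only well-formed, provisioned hosts get their directory."""
    host = (host_header or "").split(":")[0].strip().lower().rstrip(".")
    if not host or len(host) > 253 or not _HOSTNAME.fullmatch(host):
        return DEFAULT_DOCROOT
    if host not in known_hosts:
        return DEFAULT_DOCROOT
    return posixpath.join(VHOST_ROOT, host)


def audit(host_headers, known_hosts):
    """Return Host values whose naive mapping is not a provisioned host directory."""
    allowed = {posixpath.join(VHOST_ROOT, h) for h in known_hosts}
    return [h for h in host_headers if naive_docroot(h) not in allowed]


if __name__ == "__main__":
    known = {"www.example.org", "shop.example.org"}       # constructed sample
    seen = ["www.example.org", "", "unknown.example.net"]  # constructed sample
    for value in seen:
        print(repr(value), naive_docroot(value), strict_docroot(value, known))
    print("flagged:", audit(seen, known))
```

Running `audit` over the Host values from an access log, with the provisioned host list as `known_hosts`, shows which requests would have been served from somewhere other than a host's own directory.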

  4. Re: Pen Test tools

    I think it's a good idea to configure all services by hand. I've just
    installed Slackware 10.0, and I'm planning to set up a LAMP server. I
    already configured Apache following your advice, and will do the same
    with PHP and MySQL.

    Well, thanks to all of you for your time and advice.

