-
05-06-2009, 11:46 AM #1Junior Guru Wannabe
- Join Date
- Apr 2009
- Posts
- 35
any cheap way to scan dedicated for security issues?
Any free or cheap way to scan a server setting for security issues and solve it?
I got a dedicated server in Korea and want to find a more affordable way to do this.
-
05-06-2009, 01:56 PM #2WHT Addict
- Join Date
- Sep 2002
- Posts
- 130
What are you looking for? Services that need to be disabled or trojans that may be installed? Need more specifics please.
-
05-06-2009, 02:00 PM #3Web Hosting Master
- Join Date
- Dec 2005
- Posts
- 3,110
There are various tools you can use like Nessus
-
05-06-2009, 02:11 PM #4Web Hosting Evangelist
- Join Date
- Jun 2007
- Posts
- 501
I second Nessus. It is a powerful tool and quite powerful.
-
05-06-2009, 02:13 PM #5Web Hosting Master
- Join Date
- Jun 2005
- Posts
- 2,752
http://www.filetransit.com/view.php?id=56914
N-Stalker Web Application Security Scanner 2006 state-of-art security assessment tool developed by N-Stalker. Incorporates well-known N-Stealth HTTP Security Scanner and 35,000 web attack signature database. Its patent-pending self-owned technology allows to scan web applications against SQL XSS injection, buffer overflow, parameter tampering and much more. Component-oriented Web Security.
-
05-06-2009, 02:14 PM #6Web Hosting Master
- Join Date
- Jun 2005
- Posts
- 2,752
-
05-06-2009, 02:24 PM #7Web Hosting Master
- Join Date
- Apr 2009
- Posts
- 865
Hey, you can use nmap and scan your ports so you will find all open ports; some of them really can be closed totally or opened only for a few IP addresses. This is the best way to secure your server. Also, if you're running a Unix server, try to change its SSH port - this will decrease (or even totally get rid of) all SSH brute-force attacks.
-
05-06-2009, 02:30 PM #8Sec, DC and Virtual Architect
- Join Date
- Nov 2005
- Location
- Denver, CO
- Posts
- 728
On top of that you have Lynis, various rootkit hunters, a plethora of host scanning tools (things you run on your system), CSF/LFD even has a built-in check for some rather basic stuff.
Nessus can look at what is externally available on your machine as well as probe the various services that are available to make sure they are up to spec as far as security goes.
In the end, all the tools in the world won't help if you don't know
a) what you are looking for
b) how to fix the problem (and what is a problem? not all security exceptions are problems so you need to be able to understand the output).
c) you maintain the state of your machine
Automation is bad in this arena. You don't want something that will "fix" it for you. Automation to identify issues is fine but you really shouldn't take an auto-fix approach as that just invites disaster.
http://www.knoppix-std.org/
http://www.remote-exploit.org/backtrack_download.html
http://www.rootkit.nl
http://www.skynet-solutions.net/easyids/features.asp
The individual tools in Knoppix and Backtrack are great finds and very useful for a variety of host and network assessments. The Rootkit site has Lynis and while it's far from a complete scan, it's easy for new users to run and read. EasyIDS is another solution that is more outward facing and not so much ideal for host prevention but if you had a 2nd machine, install it on there and span the port from your hosting server to it which can then reactively let you know when the stuff hits the fan.
Believe me, this is a topic I can talk all day about.
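
A report-only check in the spirit of the nmap and "identify, don't auto-fix" advice in the posts above, as an added example that is not part of any post in this thread: it parses nmap's grepable output (`-oG`) from a scan of your own server and lists open ports that fall outside an allowlist. The sample scan text, the address 192.0.2.10 and the `EXPECTED_OPEN` policy are constructed assumptions.

```python
import re

# Constructed sample of `nmap -oG -` (grepable) output; 192.0.2.10 is a documentation address.
SAMPLE_SCAN = (
    "# Nmap scan initiated (constructed sample)\n"
    "Host: 192.0.2.10 ()\tStatus: Up\n"
    "Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 25/filtered/tcp//smtp///, "
    "80/open/tcp//http///, 3306/open/tcp//mysql///\tIgnored State: closed (996)\n"
)

# Assumed policy for this example: ports the admin intends to be reachable from anywhere.
EXPECTED_OPEN = {("tcp", 80), ("tcp", 443)}


def parse_open_ports(grepable_text):
    """Return {host: {(proto, port): service}} for ports nmap reported as open."""
    hosts = {}
    for line in grepable_text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue  # skip comments and "Status:" lines
        host = line.split()[1]
        ports_field = re.search(r"Ports: ([^\t]*)", line).group(1)
        for entry in ports_field.split(","):
            # Entry layout: port/state/protocol/owner/service/rpcinfo/version/
            parts = entry.strip().split("/")
            if len(parts) >= 5 and parts[1] == "open":
                hosts.setdefault(host, {})[(parts[2], int(parts[0]))] = parts[4]
    return hosts


def review(grepable_text, expected=EXPECTED_OPEN):
    """Report-only: list open ports outside the policy and policy ports not seen open."""
    findings = []
    for host, ports in parse_open_ports(grepable_text).items():
        for (proto, port), service in sorted(ports.items()):
            if (proto, port) not in expected:
                findings.append((host, f"{port}/{proto}", service or "unknown",
                                 "unexpected: close it or restrict by source IP"))
        for proto, port in sorted(expected - set(ports)):
            findings.append((host, f"{port}/{proto}", "", "expected open but not seen"))
    return findings


if __name__ == "__main__":
    for finding in review(SAMPLE_SCAN):
        print(*finding, sep="\t")
```

The script changes nothing on the server; each finding still needs a person to decide whether it is a problem.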
-
05-06-2009, 02:33 PM #9Web Hosting Master
- Join Date
- Apr 2009
- Posts
- 865
-
05-06-2009, 02:52 PM #10Too smart for her own good.
- Join Date
- Feb 2004
- Location
- Your Screen
- Posts
- 3,999
The solution to this is to hire a competent server administrator.
Bailey
Let's Connect on Twitter! @thatsmsgeek2u || Fighting mediocrity one thread at a time.