LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 07-22-2003, 10:22 AM   #1
AquamaN
Member
 
Registered: Oct 2002
Location: Ohio, USA
Distribution: OS X 10.4.8, Ubuntu 6.10
Posts: 146

Rep: Reputation: 15
Talking Vulnerability Scanner?


Hey everyone,

I just dipped into the world of webservers and of course I'm concerned about the vulnerability issue when it comes to them. I know of a program for Windows that is called Retina and it scans for just about every vulnerability known to man on any platform.. but the problem is that it is for windows and I don't like to be in windows too much at all... So, is there a program that is it's equivilent for linux? (I know there are tons, but I need something that is moderately easy to use and maintain). I want to be able to just plug in the IP addy of my webserver and scan it, find out what vulnerabilities it has and then Patch them. The nice thing about Retina is that it tells me how or where I could patch the vulnerability that was on my servers. Thanks for any insight!

-AquamaN
 
Old 07-22-2003, 10:53 AM   #2
TheCoffeeMug
Member
 
Registered: Aug 2002
Location: Faroe Islands
Distribution: Knoppix on hd
Posts: 54

Rep: Reputation: 15
I don't know any scanner that especially deals with webservers, but it is always good to scan for rootkits:

http://www.chkrootkit.org/
 
Old 07-22-2003, 10:58 AM   #3
dkaplowitz
Member
 
Registered: Oct 2002
Location: Havertown PA
Distribution: Ubuntu/RHEL/Fedora
Posts: 253

Rep: Reputation: 31
If you are talking different functionality than that of nmap (port scanner), then you may want to check out COPS, which you can run nightly with cron to tell you about vulnerabilities and gives you an idea of what to do to correct those issues.

There is another called SAINT, which evolved from SATAN. This is probably closer to what you want, since it knows a lot about Unix servers and can tell you more about what to do to fix any vulnerabilities.

Good luck.
 
Old 07-22-2003, 10:58 AM   #4
AquamaN
Member
 
Registered: Oct 2002
Location: Ohio, USA
Distribution: OS X 10.4.8, Ubuntu 6.10
Posts: 146

Original Poster
Rep: Reputation: 15
Excelent, thanks a lot! I'll try all those out and let you know how it goes. Thanks again!

-AquamaN
 
Old 07-22-2003, 11:00 AM   #5
DrOzz
Senior Member
 
Registered: May 2003
Location: Sydney, Nova Scotia, Canada
Distribution: slackware
Posts: 4,185

Rep: Reputation: 59
do a search in LQ.org for saint, cause the program is not free anymore, and i posted a link to someone where you can get saint 3.5 for free.
 
Old 07-22-2003, 11:12 AM   #6
dkaplowitz
Member
 
Registered: Oct 2002
Location: Havertown PA
Distribution: Ubuntu/RHEL/Fedora
Posts: 253

Rep: Reputation: 31
Oops...I noticed SAINT is not freeware/opensource, though I'm pretty sure SATAN was/is. Sorry 'bout that. There's likely something similar in the open source world, but I'm not sure what exactly that might be. COPS should do you pretty good in the meantime though.
 
Old 07-22-2003, 11:18 AM   #7
dkaplowitz
Member
 
Registered: Oct 2002
Location: Havertown PA
Distribution: Ubuntu/RHEL/Fedora
Posts: 253

Rep: Reputation: 31
I noticed dr0zz's previous post (thanks man!).

Here's the link for SAINT 3.5:

http://linux.iconet.com.br/internet/...654_32413.html
 
Old 07-22-2003, 11:39 AM   #8
AquamaN
Member
 
Registered: Oct 2002
Location: Ohio, USA
Distribution: OS X 10.4.8, Ubuntu 6.10
Posts: 146

Original Poster
Rep: Reputation: 15
Thanks again!!!

-AquamaN
 
Old 07-22-2003, 12:03 PM   #9
ranger12002
Member
 
Registered: Jun 2003
Location: miami florida
Distribution: slackware 9.0
Posts: 128

Rep: Reputation: 15
you can also try nessus it scans for like 1200 vulnerabilities (last time i checked) an i am pretty sure its free
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Qmail-scanner: custom scanner cuigri Linux - Software 1 10-18-2004 06:46 AM
OpenBSD Vulnerability leeach *BSD 4 04-21-2004 03:01 AM
can't locate module scanner > how to get scanner work? b0uncer Linux - Hardware 1 10-26-2003 07:50 AM
PHP vulnerability glj Linux - Security 3 03-02-2002 06:47 AM
Scanner driver for USB scanner rros Linux - Newbie 1 04-23-2001 01:30 AM


All times are GMT -5. The time now is 12:39 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration