Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
If you're familiar with linux, sniffers, port scanners and such, then have a look at the new BackTrack DVD. It contains all the tools necessary to perfom penetration testing, security audits, and so on.
Have a look at http://www.metasploit.com/. I've been pen testing for a while, and have used nessus which is good, but sploit is better.
Surely Nessus is a vulnerability scanner whereas Metasploit is an exploit framework.
It will carry out exploits but you need to know where to target them first, this is where Nessus comes in.
From that standpoint, I would see them as complementary rather than alterrnatives to the same end.
To the OP, yes Nessus would be seen as one of the best remote vulnerability scanners. I also hear good things about Core Impact, but have no direct experience of it.
Now a days, it is very important to do penetration testing of Web Application, as in my knowledge 70+ attacks have been noticed on web applications. Which means need application level firewall which can inspect every packet that dest. for http.
All though, there are many open-source distribution that provide some great tools for penetration testing of web application.
These tools are under GPL and some are Free Edition.
Distribution for Penetration testing are,
Licensed : GPL (Opensource) BackTrack Samurai
There are many others, these are enough for you to take start with.
You can find more tools regarding Penetration testing,Sql injection, XSS Attacks and Security updates on ;
Now a days, it is very important to do penetration testing of Web Application, as in my knowledge 70+ attacks have been noticed on web applications. Which means need layer 7 firewall.
I'm not sure what you're saying here... that there have been at least 70 attacks on web apps? Ever? There have been hundreds... and thousands, so whereas you're not wrong, you're hardly accurate.
Also, L7 firewalling is not really going to help protect your webapp, since all traffic ingressing to a webserver is HTTP. You might be thinking of a webapp firewall, which will scan http requests for potential script injection attacks. ModSecurity for Apache is one example.
Another good defense is a SQL proxy, like GreenSQL.
I'm not sure what you're saying here... that there have been at least 70 attacks on web apps? Ever? There have been hundreds... and thousands, so whereas you're not wrong, you're hardly accurate.
Also, L7 firewalling is not really going to help protect your webapp, since all traffic ingressing to a webserver is HTTP. You might be thinking of a webapp firewall, which will scan http requests for potential script injection attacks. ModSecurity for Apache is one example.
Another good defense is a SQL proxy, like GreenSQL.
Well, may be you understood wrong . My point was exactly what you said.
You will strongly need application level firewall. While ModSecurity is the best current available firewall for the DOS attacks protection and other enhancements. You can use additionally other moduels e.g mod_evasive, mod_qos is not bad option.
Well...overall I want to be able establish good practices while using Linux, to be able detect whenever someone is attempting to compromise my laptop while on the Internet. I'm running Fedora 11 right now, I have both SElinux and the Firewall enabled, I have turned off unnecessary services from starting, I have updated the Kernel and applied all security updates. I would like to get a better understanding of what to look for such as log files and be able to monitor ports which are open or block intrusions. I'm not really doing anything specific..just using my laptop on a wireless network..so I want to be more knowledgeable and prepared.
Seems to me you want to work the other way around, that is, not penetration testing but intrusion detection to find out who's trying or might be trying to access your system while on the internet.
Penetration testing is testing for example the security on a server you administer or a client's system to find and after that repair security holes.
Intrusion detection is monitoring what/who is accessing or trying to access a system owned or administered by you.
SNORT is an OpenSource IDS system (Intrusion Detection System) and in combination with iptables and scripts can be 'upgraded' to an IPS (Intrusion Prevention System).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
. My point was exactly what you said.
