Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
07-22-2003, 10:22 AM
|
#1
|
Member
Registered: Oct 2002
Location: Ohio, USA
Distribution: OS X 10.4.8, Ubuntu 6.10
Posts: 146
Rep:
|
Vulnerability Scanner?
Hey everyone,
I just dipped into the world of webservers and of course I'm concerned about the vulnerability issue when it comes to them. I know of a program for Windows that is called Retina and it scans for just about every vulnerability known to man on any platform.. but the problem is that it is for windows and I don't like to be in windows too much at all... So, is there a program that is it's equivilent for linux? (I know there are tons, but I need something that is moderately easy to use and maintain). I want to be able to just plug in the IP addy of my webserver and scan it, find out what vulnerabilities it has and then Patch them. The nice thing about Retina is that it tells me how or where I could patch the vulnerability that was on my servers. Thanks for any insight!
-AquamaN
|
|
|
07-22-2003, 10:53 AM
|
#2
|
Member
Registered: Aug 2002
Location: Faroe Islands
Distribution: Knoppix on hd
Posts: 54
Rep:
|
I don't know any scanner that especially deals with webservers, but it is always good to scan for rootkits:
http://www.chkrootkit.org/
|
|
|
07-22-2003, 10:58 AM
|
#3
|
Member
Registered: Oct 2002
Location: Havertown PA
Distribution: Ubuntu/RHEL/Fedora
Posts: 253
Rep:
|
If you are talking different functionality than that of nmap (port scanner), then you may want to check out COPS, which you can run nightly with cron to tell you about vulnerabilities and gives you an idea of what to do to correct those issues.
There is another called SAINT, which evolved from SATAN. This is probably closer to what you want, since it knows a lot about Unix servers and can tell you more about what to do to fix any vulnerabilities.
Good luck.
|
|
|
07-22-2003, 10:58 AM
|
#4
|
Member
Registered: Oct 2002
Location: Ohio, USA
Distribution: OS X 10.4.8, Ubuntu 6.10
Posts: 146
Original Poster
Rep:
|
Excelent, thanks a lot! I'll try all those out and let you know how it goes. Thanks again!
-AquamaN
|
|
|
07-22-2003, 11:00 AM
|
#5
|
Senior Member
Registered: May 2003
Location: Sydney, Nova Scotia, Canada
Distribution: slackware
Posts: 4,185
Rep:
|
do a search in LQ.org for saint, cause the program is not free anymore, and i posted a link to someone where you can get saint 3.5 for free.
|
|
|
07-22-2003, 11:12 AM
|
#6
|
Member
Registered: Oct 2002
Location: Havertown PA
Distribution: Ubuntu/RHEL/Fedora
Posts: 253
Rep:
|
Oops...I noticed SAINT is not freeware/opensource, though I'm pretty sure SATAN was/is. Sorry 'bout that. There's likely something similar in the open source world, but I'm not sure what exactly that might be. COPS should do you pretty good in the meantime though.
|
|
|
07-22-2003, 11:39 AM
|
#8
|
Member
Registered: Oct 2002
Location: Ohio, USA
Distribution: OS X 10.4.8, Ubuntu 6.10
Posts: 146
Original Poster
Rep:
|
Thanks again!!!
-AquamaN
|
|
|
07-22-2003, 12:03 PM
|
#9
|
Member
Registered: Jun 2003
Location: miami florida
Distribution: slackware 9.0
Posts: 128
Rep:
|
you can also try nessus it scans for like 1200 vulnerabilities (last time i checked) an i am pretty sure its free
|
|
|
All times are GMT -5. The time now is 03:53 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|