Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

how to run a vulnerability test on a domain

Posted on 2006-11-10
5
Medium Priority
?
143 Views
Last Modified: 2010-05-18
HELLO,

i want to run some tests and expose the vulnerabilities of our domain from the internet. We dont want to install any tools yet on our servers but we can install any tool needed or run anything from the internet against out domain.
I would like to see if there is any way someone from the internet to see servers on our domain, or connect , or see if we have any ports open , or if anybody from the internet can see if we have ports open..etc
are there any tools or sites i can run these programs or tools ?

i run a re[port from the http://www.dnsreport.com/  which is really nice...

is there anything else ? (it is very important to us)

thanks.
0
Comment
Question by:c_hockland
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 3

Expert Comment

by:mahe2000
ID: 17915231
you can run nmap (port mapper) or nessus (vulnerability checks) if you want, that will help you and they have good reports. you will need a pc outside your network with this two tools to run them.
0
 

Author Comment

by:c_hockland
ID: 17915278
note :  the "target" network is Windows 2003 based
0
 
LVL 8

Expert Comment

by:Here2Help
ID: 17918852
Hey,

Maybe the Microsoft Baseline Security Analyzer can help.

http://www.microsoft.com/technet/security/tools/mbsa2/default.mspx
0
 
LVL 9

Expert Comment

by:paradoxengine
ID: 17920777
MBSA2 will just tell you some basic informations. I agree with mahe: the tools of the trade are nessus and nmap, if you want to stay on the freeware side of the moon.
If you want some commercial tools, best in my opinions are CoreImpact and Retina.

Some examples:
nmap -n -A -P0 -p- -T Agressive -iL nmap.targetlist -oX nmap.syn.results.xml
nmap -sU -P0 -v -O -p 1-30000 -T polite -iL nmap.targetlist > nmap.udp.results
nmap -sV -P0 -v -p 21,22,23,25,53,80,443,161 -iL nmap.targets > nmap.version.results


These examples come from http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html . You may find this site interesting.
Anyway, if you are really concerned about your security you should hire some security consultants, since doing it yourself might leave you with the wrong assumption you're safe. A professional pentest or security assessment is more than "a run of nessus" :D
0
 
LVL 8

Accepted Solution

by:
deadite earned 2000 total points
ID: 17925434
In additon to MBSA and nmap, you can use tenable newt which can scan a class C network for free.  This will tell you known vulnerabilities and open ports:
http://www.tenablesecurity.com/products/newt.shtml

MBSA is good for checking for passwords and security patches

Symantec offers a free online scan of your system here(individual only):
http://security.symantec.com/

If you are looking more into an Intrusion Detection System IDS) check out SNORT:
http://www.snort.org/

Here is a decent whitepaper from Verisign that outlines some important steps for vulnerability testing:
https://www.verisign.com.au/guide/mss/vulnerabilitytest.pdf

CERT - Has all the info you'll ever need on security, tools, documents on how to secure systems etc
http://www.cert.org/

HERE ARE SOME CERT RECOMMENDATIONS FOR SCANNING
SiLK
http://silktools.sourceforge.net/

AirCERT
http://aircert.sourceforge.net/

OCTAVE:
http://www.cert.org/octave/

0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
What's worse than having your data encrypted by ransomware? Getting attacked by a so-called "wiper," which simply destroys the data and offers you no hope of ever seeing it again.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question