Solved

how to run a vulnerability test on a domain

Posted on 2006-11-10
5
139 Views
Last Modified: 2010-05-18
HELLO,

i want to run some tests and expose the vulnerabilities of our domain from the internet. We dont want to install any tools yet on our servers but we can install any tool needed or run anything from the internet against out domain.
I would like to see if there is any way someone from the internet to see servers on our domain, or connect , or see if we have any ports open , or if anybody from the internet can see if we have ports open..etc
are there any tools or sites i can run these programs or tools ?

i run a re[port from the http://www.dnsreport.com/  which is really nice...

is there anything else ? (it is very important to us)

thanks.
0
Comment
Question by:c_hockland
5 Comments
 
LVL 3

Expert Comment

by:mahe2000
ID: 17915231
you can run nmap (port mapper) or nessus (vulnerability checks) if you want, that will help you and they have good reports. you will need a pc outside your network with this two tools to run them.
0
 

Author Comment

by:c_hockland
ID: 17915278
note :  the "target" network is Windows 2003 based
0
 
LVL 8

Expert Comment

by:Here2Help
ID: 17918852
Hey,

Maybe the Microsoft Baseline Security Analyzer can help.

http://www.microsoft.com/technet/security/tools/mbsa2/default.mspx
0
 
LVL 9

Expert Comment

by:paradoxengine
ID: 17920777
MBSA2 will just tell you some basic informations. I agree with mahe: the tools of the trade are nessus and nmap, if you want to stay on the freeware side of the moon.
If you want some commercial tools, best in my opinions are CoreImpact and Retina.

Some examples:
nmap -n -A -P0 -p- -T Agressive -iL nmap.targetlist -oX nmap.syn.results.xml
nmap -sU -P0 -v -O -p 1-30000 -T polite -iL nmap.targetlist > nmap.udp.results
nmap -sV -P0 -v -p 21,22,23,25,53,80,443,161 -iL nmap.targets > nmap.version.results


These examples come from http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html . You may find this site interesting.
Anyway, if you are really concerned about your security you should hire some security consultants, since doing it yourself might leave you with the wrong assumption you're safe. A professional pentest or security assessment is more than "a run of nessus" :D
0
 
LVL 8

Accepted Solution

by:
deadite earned 500 total points
ID: 17925434
In additon to MBSA and nmap, you can use tenable newt which can scan a class C network for free.  This will tell you known vulnerabilities and open ports:
http://www.tenablesecurity.com/products/newt.shtml

MBSA is good for checking for passwords and security patches

Symantec offers a free online scan of your system here(individual only):
http://security.symantec.com/

If you are looking more into an Intrusion Detection System IDS) check out SNORT:
http://www.snort.org/

Here is a decent whitepaper from Verisign that outlines some important steps for vulnerability testing:
https://www.verisign.com.au/guide/mss/vulnerabilitytest.pdf

CERT - Has all the info you'll ever need on security, tools, documents on how to secure systems etc
http://www.cert.org/

HERE ARE SOME CERT RECOMMENDATIONS FOR SCANNING
SiLK
http://silktools.sourceforge.net/

AirCERT
http://aircert.sourceforge.net/

OCTAVE:
http://www.cert.org/octave/

0

Featured Post

Register Today - IoT Current and Future Threats

Are you prepared to protect your organization from current and future IoT Threats?  Join our Wi-Fi expert in episode three of our webinar series for a look at the current state of Wi-Fi IoT and what may lie ahead. Register for our live webinar on April 20th at 9 am PDT!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OnPage: Incident management and secure messaging on your smartphone
There's a lot of hype surrounding blockchain technology. Here's how it works and some of the novel ways it' s now being used - including for data protection.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question