how to run a vulnerability test on a domain

Posted on 2006-11-10
Last Modified: 2010-05-18
Hello,

I want to run some tests and expose the vulnerabilities of our domain from the internet. We don't want to install any tools yet on our servers, but we can install any tool needed or run anything from the internet against our domain.
I would like to see if there is any way for someone from the internet to see servers on our domain, or connect, or see if we have any ports open, or if anybody from the internet can see if we have ports open, etc.
Are there any tools or sites where I can run these programs or tools?

I ran a report from http://www.dnsreport.com/ which is really nice...

Is there anything else? (It is very important to us.)

Thanks.
Question by:c_hockland

Expert Comment

by:mahe2000
ID: 17915231
You can run nmap (port mapper) or nessus (vulnerability checks) if you want; that will help you, and they have good reports. You will need a PC outside your network with these two tools to run them.

Author Comment

by:c_hockland
ID: 17915278
Note: the "target" network is Windows 2003 based.

Expert Comment

by:Here2Help
ID: 17918852
Hey,

Maybe the Microsoft Baseline Security Analyzer can help.

http://www.microsoft.com/technet/security/tools/mbsa2/default.mspx

Expert Comment

by:paradoxengine
ID: 17920777
MBSA2 will just tell you some basic information. I agree with mahe: the tools of the trade are nessus and nmap, if you want to stay on the freeware side of the moon.
If you want some commercial tools, the best in my opinion are CoreImpact and Retina.

Some examples:
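# All TCP ports with OS and version detection, no DNS resolution, no ping; XML output
nmap -n -A -P0 -p- -T Aggressive -iL nmap.targetlist -oX nmap.syn.results.xml
# UDP scan of ports 1-30000 with OS detection, polite timing
nmap -sU -P0 -v -O -p 1-30000 -T polite -iL nmap.targetlist > nmap.udp.results
# Version detection on a short list of common service ports
nmap -sV -P0 -v -p 21,22,23,25,53,80,443,161 -iL nmap.targets > nmap.version.results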


These examples come from http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html . You may find this site interesting.
Anyway, if you are really concerned about your security you should hire some security consultants, since doing it yourself might leave you with the wrong assumption you're safe. A professional pentest or security assessment is more than "a run of nessus" :D

Accepted Solution

by:
deadite earned 2000 total points
ID: 17925434
In addition to MBSA and nmap, you can use Tenable NeWT, which can scan a class C network for free. This will tell you known vulnerabilities and open ports:
http://www.tenablesecurity.com/products/newt.shtml

MBSA is good for checking for passwords and security patches.

Symantec offers a free online scan of your system here (individual only):
http://security.symantec.com/

If you are looking more into an Intrusion Detection System (IDS), check out SNORT:
http://www.snort.org/

Here is a decent whitepaper from Verisign that outlines some important steps for vulnerability testing:
https://www.verisign.com.au/guide/mss/vulnerabilitytest.pdf

CERT - Has all the info you'll ever need on security, tools, documents on how to secure systems etc
http://www.cert.org/

HERE ARE SOME CERT RECOMMENDATIONS FOR SCANNING
SiLK
http://silktools.sourceforge.net/

AirCERT
http://aircert.sourceforge.net/

OCTAVE:
http://www.cert.org/octave/
