Solved

how to run a vulnerability test on a domain

Posted on 2006-11-10
5
135 Views
Last Modified: 2010-05-18
HELLO,

i want to run some tests and expose the vulnerabilities of our domain from the internet. We dont want to install any tools yet on our servers but we can install any tool needed or run anything from the internet against out domain.
I would like to see if there is any way someone from the internet to see servers on our domain, or connect , or see if we have any ports open , or if anybody from the internet can see if we have ports open..etc
are there any tools or sites i can run these programs or tools ?

i run a re[port from the http://www.dnsreport.com/  which is really nice...

is there anything else ? (it is very important to us)

thanks.
0
Comment
Question by:c_hockland
5 Comments
 
LVL 3

Expert Comment

by:mahe2000
ID: 17915231
you can run nmap (port mapper) or nessus (vulnerability checks) if you want, that will help you and they have good reports. you will need a pc outside your network with this two tools to run them.
0
 

Author Comment

by:c_hockland
ID: 17915278
note :  the "target" network is Windows 2003 based
0
 
LVL 8

Expert Comment

by:Here2Help
ID: 17918852
Hey,

Maybe the Microsoft Baseline Security Analyzer can help.

http://www.microsoft.com/technet/security/tools/mbsa2/default.mspx
0
 
LVL 9

Expert Comment

by:paradoxengine
ID: 17920777
MBSA2 will just tell you some basic informations. I agree with mahe: the tools of the trade are nessus and nmap, if you want to stay on the freeware side of the moon.
If you want some commercial tools, best in my opinions are CoreImpact and Retina.

Some examples:
nmap -n -A -P0 -p- -T Agressive -iL nmap.targetlist -oX nmap.syn.results.xml
nmap -sU -P0 -v -O -p 1-30000 -T polite -iL nmap.targetlist > nmap.udp.results
nmap -sV -P0 -v -p 21,22,23,25,53,80,443,161 -iL nmap.targets > nmap.version.results


These examples come from http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html . You may find this site interesting.
Anyway, if you are really concerned about your security you should hire some security consultants, since doing it yourself might leave you with the wrong assumption you're safe. A professional pentest or security assessment is more than "a run of nessus" :D
0
 
LVL 8

Accepted Solution

by:
deadite earned 500 total points
ID: 17925434
In additon to MBSA and nmap, you can use tenable newt which can scan a class C network for free.  This will tell you known vulnerabilities and open ports:
http://www.tenablesecurity.com/products/newt.shtml

MBSA is good for checking for passwords and security patches

Symantec offers a free online scan of your system here(individual only):
http://security.symantec.com/

If you are looking more into an Intrusion Detection System IDS) check out SNORT:
http://www.snort.org/

Here is a decent whitepaper from Verisign that outlines some important steps for vulnerability testing:
https://www.verisign.com.au/guide/mss/vulnerabilitytest.pdf

CERT - Has all the info you'll ever need on security, tools, documents on how to secure systems etc
http://www.cert.org/

HERE ARE SOME CERT RECOMMENDATIONS FOR SCANNING
SiLK
http://silktools.sourceforge.net/

AirCERT
http://aircert.sourceforge.net/

OCTAVE:
http://www.cert.org/octave/

0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now