Solved

Checking volunerability of an networking application

Posted on 2013-05-10
6
395 Views
Last Modified: 2013-05-13
What software can I use to explore the volunerability of an application if I know its port number.  I am trying to find out how I can make my application  immune to hacker attack.

My application is running under unix type environment.
0
Comment
Question by:tommym121
6 Comments
 
LVL 62

Accepted Solution

by:
btan earned 200 total points
ID: 39157638
Active or passive scan is good depends on intrusive level. Suggest you check out nmap which well supported and documented to fulfill your scanning.

http://nmap.org/book/vscan.html
0
 
LVL 51

Assisted Solution

by:ahoffmann
ahoffmann earned 100 total points
ID: 39157709
nmap will be first choice, but if it uses HTTP then things are not that simple
0
 
LVL 62

Assisted Solution

by:btan
btan earned 200 total points
ID: 39157744
The best case is to do dynamic test and static code scan and manual probes..but do know that production scan and development environment scanning can have different result.  It is never going to be 100% secure or bugless. At least the common low hanging fruits can be surface and rectified.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 2

Assisted Solution

by:GarethM
GarethM earned 100 total points
ID: 39157767
There is a wealth of security testing resources contained in the BackTrack Linux distribution: http://www.backtrack-linux.org/. Some of these may be useful to find common issues. Also, be aware that lots of other factors will contribute to the overall security of the application and you should cover the whole environment in your assessment. For example, be sure that the application is installed on an up-to-date OS, that patches are installed, unnecessary services are removed and so on.
0
 
LVL 40

Assisted Solution

by:jlevie
jlevie earned 100 total points
ID: 39158385
There are some tools that can be used to look for common vulnerabilities in an application. But real security comes from code review done with a great deal of paranoia.
0
 

Author Closing Comment

by:tommym121
ID: 39161054
Thanks
0

Featured Post

ScreenConnect 6.0 Free Trial

At ScreenConnect, partner feedback doesn't fall on deaf ears. We collected partner suggestions off of their virtual wish list and transformed them into one game-changing release: ScreenConnect 6.0. Explore all of the extras and enhancements for yourself!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question