Solved

Checking volunerability of an networking application

Posted on 2013-05-10
6
400 Views
Last Modified: 2013-05-13
What software can I use to explore the volunerability of an application if I know its port number.  I am trying to find out how I can make my application  immune to hacker attack.

My application is running under unix type environment.
0
Comment
Question by:tommym121
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 64

Accepted Solution

by:
btan earned 200 total points
ID: 39157638
Active or passive scan is good depends on intrusive level. Suggest you check out nmap which well supported and documented to fulfill your scanning.

http://nmap.org/book/vscan.html
0
 
LVL 51

Assisted Solution

by:ahoffmann
ahoffmann earned 100 total points
ID: 39157709
nmap will be first choice, but if it uses HTTP then things are not that simple
0
 
LVL 64

Assisted Solution

by:btan
btan earned 200 total points
ID: 39157744
The best case is to do dynamic test and static code scan and manual probes..but do know that production scan and development environment scanning can have different result.  It is never going to be 100% secure or bugless. At least the common low hanging fruits can be surface and rectified.
0
Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

 
LVL 2

Assisted Solution

by:GarethM
GarethM earned 100 total points
ID: 39157767
There is a wealth of security testing resources contained in the BackTrack Linux distribution: http://www.backtrack-linux.org/. Some of these may be useful to find common issues. Also, be aware that lots of other factors will contribute to the overall security of the application and you should cover the whole environment in your assessment. For example, be sure that the application is installed on an up-to-date OS, that patches are installed, unnecessary services are removed and so on.
0
 
LVL 40

Assisted Solution

by:jlevie
jlevie earned 100 total points
ID: 39158385
There are some tools that can be used to look for common vulnerabilities in an application. But real security comes from code review done with a great deal of paranoia.
0
 

Author Closing Comment

by:tommym121
ID: 39161054
Thanks
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question