Solved

Checking vulnerability of a networking application

Posted on 2013-05-10
6
393 Views
Last Modified: 2013-05-13
What software can I use to explore the vulnerability of an application if I know its port number? I am trying to find out how I can make my application immune to hacker attack.

My application is running under a Unix-type environment.
0
Question by:tommym121
6 Comments
 
LVL 61

Accepted Solution

by:btan
btan earned 200 total points
ID: 39157638
An active or passive scan is good, depending on the intrusiveness level. I suggest you check out nmap, which is well supported and documented, to fulfill your scanning needs.

http://nmap.org/book/vscan.html
0
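Version scanning works by matching what a service says about itself against known patterns, so one thing to check on your own application's port is what its greeting gives away. The following is an added example, not part of the original answer and not nmap code: it reads the first bytes a service sends without sending anything, then lists product and version strings found in that banner. The regex, the function names and the `AcmeDaemon` banner are assumptions constructed for illustration.

```python
import re
import socket
import sys

# Assumed heuristic: "<product><sep><dotted version>", e.g. "AcmeDaemon/2.3.1".
VERSION_RE = re.compile(rb"([A-Za-z][A-Za-z0-9]*)[/ _-]v?(\d+(?:\.\d+)+)")


def read_banner(sock, timeout=5.0, limit=1024):
    """Return the bytes a service sends first, without sending anything to it."""
    sock.settimeout(timeout)
    try:
        return sock.recv(limit)
    except socket.timeout:
        # Silent until spoken to (HTTP behaves this way): a passive read
        # learns nothing, and protocol-aware testing is needed instead.
        return b""


def version_leaks(banner):
    """List (product, version) pairs a banner discloses to any client."""
    return [(p.decode("ascii"), v.decode("ascii"))
            for p, v in VERSION_RE.findall(banner)]


def audit_port(host, port, timeout=5.0):
    """Connect to your own service and report its banner and version leaks."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        banner = read_banner(sock, timeout)
    return banner, version_leaks(banner)


if __name__ == "__main__":
    # Usage: python banner_audit.py <port>   (checks the local host only)
    if len(sys.argv) != 2:
        sys.exit("usage: banner_audit.py <port>")
    banner, leaks = audit_port("127.0.0.1", int(sys.argv[1]))
    print("banner:", banner)
    for product, version in leaks:
        print(f"discloses {product} {version}: consider a neutral greeting")
```

An empty result only means the greeting is quiet; the software and the OS underneath still need to be kept patched.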
 
LVL 51

Assisted Solution

by:ahoffmann
ahoffmann earned 100 total points
ID: 39157709
nmap will be the first choice, but if it uses HTTP then things are not that simple.
0
 
LVL 61

Assisted Solution

by:btan
btan earned 200 total points
ID: 39157744
The best case is to do dynamic testing, static code scanning and manual probes, but do know that production scanning and development environment scanning can have different results. It is never going to be 100% secure or bugless. At least the common low-hanging fruit can be surfaced and rectified.
0
 
LVL 2

Assisted Solution

by:GarethM
GarethM earned 100 total points
ID: 39157767
There is a wealth of security testing resources contained in the BackTrack Linux distribution: http://www.backtrack-linux.org/. Some of these may be useful to find common issues. Also, be aware that lots of other factors will contribute to the overall security of the application and you should cover the whole environment in your assessment. For example, be sure that the application is installed on an up-to-date OS, that patches are installed, unnecessary services are removed and so on.
0
 
LVL 40

Assisted Solution

by:jlevie
jlevie earned 100 total points
ID: 39158385
There are some tools that can be used to look for common vulnerabilities in an application. But real security comes from code review done with a great deal of paranoia.
0
 

Author Closing Comment

by:tommym121
ID: 39161054
Thanks
0
