Solved

Checking volunerability of an networking application

Posted on 2013-05-10
6
399 Views
Last Modified: 2013-05-13
What software can I use to explore the volunerability of an application if I know its port number.  I am trying to find out how I can make my application  immune to hacker attack.

My application is running under unix type environment.
0
Comment
Question by:tommym121
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 63

Accepted Solution

by:
btan earned 200 total points
ID: 39157638
Active or passive scan is good depends on intrusive level. Suggest you check out nmap which well supported and documented to fulfill your scanning.

http://nmap.org/book/vscan.html
0
 
LVL 51

Assisted Solution

by:ahoffmann
ahoffmann earned 100 total points
ID: 39157709
nmap will be first choice, but if it uses HTTP then things are not that simple
0
 
LVL 63

Assisted Solution

by:btan
btan earned 200 total points
ID: 39157744
The best case is to do dynamic test and static code scan and manual probes..but do know that production scan and development environment scanning can have different result.  It is never going to be 100% secure or bugless. At least the common low hanging fruits can be surface and rectified.
0
Create Professional Looking Email Signatures

Create "Professional HTML Email Signatures" with ease.
7 Day Money Back Guarantee if not 100% Satisfied.
Affordable - Try it out for 7 Days Totally Risk Free.
Installers provided for over 45 Email clients.
Both Windows & MAC Supported.
Highly Recommended!

 
LVL 2

Assisted Solution

by:GarethM
GarethM earned 100 total points
ID: 39157767
There is a wealth of security testing resources contained in the BackTrack Linux distribution: http://www.backtrack-linux.org/. Some of these may be useful to find common issues. Also, be aware that lots of other factors will contribute to the overall security of the application and you should cover the whole environment in your assessment. For example, be sure that the application is installed on an up-to-date OS, that patches are installed, unnecessary services are removed and so on.
0
 
LVL 40

Assisted Solution

by:jlevie
jlevie earned 100 total points
ID: 39158385
There are some tools that can be used to look for common vulnerabilities in an application. But real security comes from code review done with a great deal of paranoia.
0
 

Author Closing Comment

by:tommym121
ID: 39161054
Thanks
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question