Server security test

[adripillo]

Is there any good program to test a firewall on a server? Like some brute-force attack and massive connection tries? Thanks again.

 

[SirDice]

How about security/nmap and/or security/nessus?

 

[adripillo]

How about security/nmap and/or security/nessus?

The security/nessus is marked BROKEN.

 

[adripillo]

Any chance of getting one that could use with a GUI?

 

[adripillo]

Found security/zenmap that uses a GUI but again, gtk20 failed and so all installation failed.

gmake[3]: *** [all-recursive] Error 1
gmake[3]: Leaving directory `/usr/ports/x11-toolkits/gtk20/work/gtk+-2.24.19/modules/printbackends'
gmake[2]: *** [all-recursive] Error 1
gmake[2]: Leaving directory `/usr/ports/x11-toolkits/gtk20/work/gtk+-2.24.19/modules'
gmake[1]: *** [all-recursive] Error 1
gmake[1]: Leaving directory `/usr/ports/x11-toolkits/gtk20/work/gtk+-2.24.19'
gmake: *** [all] Error 2
*** [do-build] Error code 1

Stop in /usr/ports/x11-toolkits/gtk20.
*** [build] Error code 1

Stop in /usr/ports/x11-toolkits/gtk20.

===>>> make failed for x11-toolkits/gtk20
===>>> Aborting update

===>>> Update for gtk-2.24.18 failed
===>>> Aborting update

===>>> Killing background jobs
Terminated
===>>> Upgrade of libXi-1.7.1_1,1 to libXi-1.7.2,1 complete


===>>> You can restart from the point of failure with this command line:
       portmaster <flags> security/zenmap x11-toolkits/gtk20 x11-toolkits/py-gtk2 

===>>> Exitin

 

[ShelLuser]

What good is testing your security going to be if you're not going to invest some time to try and understand the testing procedures themselves?

When looking at security/nmap it really isn't as difficult as you make it out to be, especially considering that the nmap(1) manual page lists several ready-to-use examples which you can apply right away.

 

[adripillo]

What good is testing your security going to be if you're not going to invest some time to try and understand the testing procedures themselves?

When looking at security/nmap it really isn't as difficult as you make it out to be, especially considering that the nmap(1) manual page lists several ready-to-use examples which you can apply right away.

Yes, but graphical is more "easy" to show to the people that only use Windows. But thank you

 

[Solaris]

Here is the slow comprehensive scan command that i have grabbed from zenmap GUI:

nmap -sS -sU -T4 -A -v -PE -PP -PS80,443 -PA3389 -PU40125 -PY -g 53 --script "default or (discovery and safe)" 123.123.123.123

 

[adripillo]

Here is the slow comprehensive scan command that i have grabbed from zenmap gui :

nmap -sS -sU -T4 -A -v -PE -PP -PS80,443 -PA3389 -PU40125 -PY -g 53 --script "default or (discovery and safe)" 123.123.123.123

Thank you, will try it.

 

[throAU]

Yes, but graphical is more "easy" to show to the people that only use Windows. But thank you

If people only use Windows and can't figure out command line options for nmap (or what the options actually mean, and what they are trying to accomplish), then they really have no business performing security audits.

As far as reporting goes, nmap can output to XML from memory.

 

[adripillo]

If people only use Windows and can't figure out command line options for nmap (or what the options actually mean, and what they are trying to accomplish), then they really have no business performing security audits.

As far as reporting goes, nmap can output to XML from memory.

Yes, but when you need to show the test result in a conference or something, some people there do not understand what you are showing, so graphics for them are more easy.

 

[throAU]

Yes, but when you need to show the test result in a conference or something, some people there do not understand what you are showing, so graphics for them are more easy.

So just dodgy something up in Calc?

Nah, more seriously, nmap definitely does XML output, which you should be able to import into a spreadsheet and do pretty graphs or whatever with