Security Basics mailing list archives

Re: Please help! Need to check IIS vulnerabilities.


From: miguel.dilaj () pharma novartis com
Date: Tue, 23 Nov 2004 08:55:25 +0000

Hi Juan,

Don't worry, no one is perfect. You'll surely improve over time ;-)

Now to your question. Don't throw everything but the kitchen sink at the 
server. Usually one or two vulnerability assessment tools are more than 
enough, and Nessus (if kept up to date) is fairly reliable.
The questions you have to ask are different, for example (and in no 
particular order):

1) I'm running IIS, Apache, whatever, and Nessus reports problem XXXXX. Do 
I know how to verify whether this problem is real or a false positive? If it's 
real... Do I know how to patch it?
2) How often do I update Nessus (main executable) and the NASL plugins?
3) Are my servers running any kind of web application that can be prone to 
other types of attacks? (Examples: password bruteforcing, SQL Injection, 
path/information disclosure, command execution, Java/ASP/whatever source 
code disclosure, etc)
4) Are there any OTHER avenues of attack other than the webservers? Other 
services? Other servers? Vulnerable network devices?
5) Is the configuration of the DMZ "watertight"? (In particular: 
connections STARTING in the DMZ must be forbidden).
6) Do a port scan of all machines/devices in the DMZ, deactivate anything 
that's not needed, and keep that information as your baseline.
7) etc ;-)

You can combine Nessus with Nikto to help *a bit* with web application 
testing, if you're using one or more web apps, but the art of pen-testing 
web applications hasn't been automated, yet ;-)

Last words: start to learn and practice to BE a hacker. At least to think 
like one. Remember that hackers are not bad guys; it's just bad press.

Cheers,

Miguel
aka Nekromancer
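Item 6 above (port-scan the whole DMZ, switch off what is not needed, keep the result as a baseline) only pays off if the baseline is actually compared against later scans. The script below is an added example, not Miguel's or Juan's code: it parses nmap's greppable output (what `nmap -sS -p- -oG <file> <targets>` writes) and reports hosts and open ports that appeared since the baseline, or disappeared from it. The two scan outputs embedded in it are constructed sample data (addresses from the 192.0.2.0/24 documentation range), not real DMZ scans.

```python
from __future__ import annotations

import re

# Constructed sample data: two nmap -oG outputs of the same DMZ, a month apart.
# The second scan shows RDP opened on the first web server and a new FTP host.
BASELINE = """\
# Nmap scan of the DMZ (constructed sample, baseline)
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 80/open/tcp//http///, 443/open/tcp//https///\tIgnored State: filtered (65533)
Host: 192.0.2.11 ()\tStatus: Up
Host: 192.0.2.11 ()\tPorts: 443/open/tcp//https///\tIgnored State: filtered (65534)
"""

CURRENT = """\
# Nmap scan of the DMZ (constructed sample, one month later)
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 80/open/tcp//http///, 443/open/tcp//https///, 3389/open/tcp//ms-wbt-server///\tIgnored State: filtered (65532)
Host: 192.0.2.11 ()\tStatus: Up
Host: 192.0.2.11 ()\tPorts: 443/open/tcp//https///\tIgnored State: filtered (65534)
Host: 192.0.2.12 ()\tStatus: Up
Host: 192.0.2.12 ()\tPorts: 21/open/tcp//ftp///\tIgnored State: closed (65534)
"""

# One port entry in the -oG "Ports:" field looks like 80/open/tcp//http///;
# only entries in state "open" are of interest for the baseline.
PORT_RE = re.compile(r"(\d+)/open/(tcp|udp)/")


def parse_open_ports(grepable: str) -> dict[str, set[str]]:
    """Return {host: {"80/tcp", ...}} from nmap greppable output."""
    result: dict[str, set[str]] = {}
    for line in grepable.splitlines():
        if not line.startswith("Host:"):
            continue  # skip "# Nmap ..." banner and trailer lines
        fields = line.split("\t")
        host = fields[0].split()[1]  # "Host: 192.0.2.10 ()" -> "192.0.2.10"
        result.setdefault(host, set())
        for field in fields[1:]:
            if field.startswith("Ports:"):
                for port, proto in PORT_RE.findall(field):
                    result[host].add(f"{port}/{proto}")
    return result


def diff_baselines(baseline: str, current: str):
    """Compare two scans. Returns (new_hosts, new_ports, gone_ports), where
    new_ports and gone_ports map host -> sorted list of ports that changed."""
    old = parse_open_ports(baseline)
    new = parse_open_ports(current)
    new_hosts = sorted(set(new) - set(old))
    new_ports: dict[str, list[str]] = {}
    gone_ports: dict[str, list[str]] = {}
    for host in sorted(set(old) | set(new)):
        added = new.get(host, set()) - old.get(host, set())
        removed = old.get(host, set()) - new.get(host, set())
        if added:
            new_ports[host] = sorted(added)
        if removed:
            gone_ports[host] = sorted(removed)
    return new_hosts, new_ports, gone_ports


def report(baseline: str, current: str) -> str:
    """Human-readable summary of the drift; every new open port needs an owner."""
    new_hosts, new_ports, gone_ports = diff_baselines(baseline, current)
    lines = []
    for host in new_hosts:
        lines.append(f"NEW HOST  {host}")
    for host, ports in new_ports.items():
        lines.append(f"NEW PORTS {host}: {', '.join(ports)}")
    for host, ports in gone_ports.items():
        lines.append(f"CLOSED    {host}: {', '.join(ports)}")
    return "\n".join(lines) if lines else "no change against baseline"


if __name__ == "__main__":
    print(report(BASELINE, CURRENT))
```

Anything listed as NEW in the report is either a change you approved or something that should not be there; in the sample, 3389/tcp on a DMZ web server is exactly the kind of finding the baseline exists to catch. Keep the baseline file under version control so that the history of what was open, and when, survives.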
Juan B <juanbabi () yahoo com>
22/11/2004 14:56

 
        To:     security-basics () securityfocus com
        cc:     (bcc: Miguel Dilaj/PH/Novartis)
        Subject:        Please help! Need to check IIS vulnerabilities.


Hi,

I'm a sysadmin new to security.

I want to scan all the web servers we have in the DMZ
for vulnerabilities. I check them with Retina and
Nessus.

What else should I check? And with which tool?

I AM NOT A HACKER !

thanks !!

