Fun with SHODAN

Shodanhq.com is awesome. These are fun:

http://www.shodanhq.com/search?q=X-Powered-By%3A+PHP%2F5.1.2
Many sites running old PHP from 2006. Edit as desired to find an old PHP target.

http://www.shodanhq.com/search?q=X-AspNet-Version%3A+1.1.4322
Incredible how many sites still use ASP.NET 1.x.

http://www.shodanhq.com/search?q=%22cisco-ios%22+%22last-modified%22
Web management pages for Cisco devices that have authentication disabled.

http://www.shodanhq.com/search?q=Server%3A+Microsoft-IIS%2F5.0+
IIS 5.0

http://www.shodanhq.com/search?q=Server%3A+Apache%2F1.
Ancient versions of Apache still in use.

Security Dangers of Web Management Interfaces

Published on March 28, 2012, by + in sysadmin.

Web management interfaces are an often neglected area with regard to security. Here is a good write-up demonstrating how easy it is to find vulnerable web management logins for hacking, as well as some best practices: Security Dangers of Web Management Interfaces. If you find this topic interesting, you may also be interested in

Vanguard Web App Scanner – Detect XSS and SQL Injection

Published on March 22, 2012, by + in sysadmin.

Vanguard is a web app vulnerability scanner that checks your website for SQL injection and XSS. Vanguard is written entirely in Perl, so it is easy to modify for your needs. Vanguard works by first doing a port scan with nmap to determine if the host has available HTTP ports, next crawls the entire site, and

How to Check Mail Server for SMTP Over TLS

Published on March 19, 2012, by + in sysadmin.

Q. How can I check a server for SMTP over TLS?

An SMTP connection can use TLS from the sending server to the receiving server to add a pinch of security. Many banks and other security-minded corporations require this to send and receive email. To check the TLS capability of an

Troubleshooting SSH Server Logs and Error Messages

Published on March 7, 2012, by + in sysadmin.

SSH logs can contain various messages that are difficult to interpret, because the exact meaning depends on the situation or circumstance. Below are some general tips to keep in mind if you run across any of these messages in your logs!

Example 1

If you see this, someone is trying random logins

nessus localhost port

Published on March 1, 2012, by + in sysadmin.

Q. What is the default port for Nessus?

A. https://localhost:8834

Open Source Auditing Tools

Here are various open source tools that are useful for security auditing! If you are a consultant, or an admin that just likes to be on top of his game, these are free open source tools that help audit the security level of workstations and servers in your environment.

Note: These are by nature Linux-friendly

Check Site for Malware with Google Safe Browsing

Published on December 28, 2011, by + in other.

The following URL can be used to check a site for malware:

http://www.google.com/safebrowsing/diagnostic?site=example.com

The diagnostic URL works for any site: replace the domain at the end with the site you wish to check.

http://www.google.com/safebrowsing/diagnostic?site=xxxxxxxx.xxx

check scottlinux.com

Infected? Eek my site is serving up malware! This page has some info on what to do if

Disable SSLv2 in Cyrus IMAP server

Cyrus often ships by default with SSLv2 enabled, which can be considered a security vulnerability. Here’s how to disable SSLv2 in your Cyrus IMAP server!

1. Edit the file /etc/imapd.conf

sudo nano /etc/imapd.conf

Find the following line, and remove the SSLv2 indication where it may be found:

Before:
tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH

After: (below is the Debian

How to Check for SSL Renegotiation

Published on November 3, 2011, by + in sysadmin.

To check if a server allows SSL Renegotiation, you can use the openssl command. I’ll show you how!

The commands are as follows:

$ openssl s_client -connect yourdomain.com:443

Then after the regular ssl cert info displays, enter the following:

GET / HTTP/1.0
R

If the server allows renegotiation, it will then have something similar to
