Nikto2 & PatrolServer: check server vulnerabilities

We explored testssl earlier to keep your system safe from SSL vulnerabilities. But SSL is not the only package that might have security issues. If you care about your headless server, you will want a defence that covers as many packages as possible.

This article explores vulnerability scanners Nikto2 and PatrolServer. Both of them can be triggered on the fly or scheduled to run regular checks.

Nikto2

Nikto2 is a web server scanner. It checks your web server by connecting from outside over a port on which the server is listening. It tests for 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and checks for version-specific problems on over 270 servers.

Features

  • SSL support
  • HTTP proxy support
  • Checks for outdated server components
  • Scan multiple ports on a server, or multiple servers via input file (including nmap output)
  • Identifies installed software via headers, favicons and files
  • Guess credentials for authorization realms (including many default id/pw combos)
  • Scan tuning to include or exclude entire classes of vulnerability checks
  • Enhanced false positive reduction via multiple methods: headers, page content, and content hashing
  • Easily updated via command line
  • Customize reports, save in multiple formats

Installation

To install on Ubuntu (the machine that will run the scans), run:

$ sudo apt-get install wget unzip libnet-ssleay-perl libwhisker2-perl openssl
$ sudo apt-get install nikto
$ perl nikto.pl -update

Usage

Basic usage is as simple as:

$ perl nikto.pl -h yourwebsite.com -o scan.htm
$ perl nikto.pl -h 192.168.0.5 -p 80,443,999

Nikto2 tries an SSL connection automatically if the non-SSL attempt fails.
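Since both scanners are meant to be scheduled rather than run once, here is an added example (not code from the article or from the Nikto project) of a small Python wrapper around the usage shown above: it builds the Nikto2 command line for a host and port list, runs it when nikto is installed, parses the CSV report into findings, and produces a per-host digest plus the findings that are new since the previous run. The CSV column order (host, ip, port, reference, method, uri, message) is an assumption about Nikto2's CSV format, and the sample rows are constructed for the demonstration.

```python
"""Scheduled Nikto2 wrapper: build the scan command, run it when nikto is
on PATH, and turn the CSV report into a per-host digest.
Example code added to the article; it is not part of Nikto2 itself."""
import csv
import io
import shutil
import subprocess
from collections import Counter
from dataclasses import dataclass
from pathlib import Path

# Assumed Nikto2 CSV column order; adjust if your nikto version differs.
CSV_COLUMNS = ("host", "ip", "port", "reference", "method", "uri", "message")

# Constructed sample report (not real scan output) so the parser runs offline.
SAMPLE_CSV = (
    '"www.example.com","192.0.2.10","80","","GET","/",'
    '"The anti-clickjacking X-Frame-Options header is not present."\n'
    '"www.example.com","192.0.2.10","80","","GET","/",'
    '"Server leaks inodes via ETags, header found with file /, fields: 0x2a 0x5c"\n'
    '"www.example.com","192.0.2.10","443","","GET","/admin/",'
    '"Admin login page/section found."\n'
)


@dataclass(frozen=True)
class Finding:
    host: str
    port: str
    method: str
    uri: str
    message: str


def build_nikto_command(host, ports, output_path):
    """Return the argv list for one scan; nothing is executed here."""
    return [
        "nikto", "-h", host,
        "-p", ",".join(str(p) for p in ports),
        "-Format", "csv",
        "-o", str(output_path),
    ]


def run_scan(host, ports, output_path):
    """Run nikto if it is installed; return the CSV text, or None when absent."""
    if shutil.which("nikto") is None:
        return None
    subprocess.run(build_nikto_command(host, ports, output_path), check=False)
    return Path(output_path).read_text(encoding="utf-8")


def parse_nikto_csv(text):
    """Parse CSV output into Finding objects; messages may contain commas,
    so the csv module (not str.split) is used. Short rows are skipped."""
    findings = []
    for row in csv.reader(io.StringIO(text)):
        if len(row) < len(CSV_COLUMNS):
            continue  # blank line, comment or truncated row
        rec = dict(zip(CSV_COLUMNS, row))
        findings.append(Finding(rec["host"], rec["port"], rec["method"],
                                rec["uri"], rec["message"]))
    return findings


def summarize(findings):
    """Count findings per host:port, the digest a cron job would mail out."""
    return dict(Counter(f"{f.host}:{f.port}" for f in findings))


def new_findings(previous, current):
    """Findings present in the current run but not in the previous one,
    so a scheduled job only alerts on what changed."""
    seen = set(previous)
    return [f for f in current if f not in seen]


if __name__ == "__main__":
    # Offline demonstration on the constructed sample; swap in run_scan()
    # output on a host where nikto is installed.
    found = parse_nikto_csv(SAMPLE_CSV)
    print("command:", " ".join(build_nikto_command("www.example.com", [80, 443], "scan.csv")))
    print("digest:", summarize(found))
    for f in new_findings(found[:2], found):
        print("new:", f.port, f.uri, f.message)
```

To schedule it, store the previous run's findings (for example as JSON) and call the script from cron, e.g. `0 3 * * 0 /usr/bin/python3 /opt/nikto_digest.py`, mailing only the `new_findings` output so that a weekly report stays readable.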

PatrolServer

PatrolServer is a bash script that checks your server from within. It tests for outdated packages and known vulnerabilities. Currently it supports 54,900+ software packages, and the list is growing. It is a standard solution for administrators, with automatic mails when a problem is detected.

In this article we will explore the bash scanner. Though it can work as a standalone utility, you may consider creating an account on the PatrolServer website to view detailed scan reports and guidelines for securing your server.

Installation

$ wget https://raw.githubusercontent.com/PatrolServer/bash-scanner/master/patrolserver

Usage

$ bash patrolserver
