Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Free Website security checker?

  • 31-08-2006 3:03pm
    #1
    Registered Users, Registered Users 2 Posts: 79 ✭✭


    Hi all,

    Ive set up a webserver over my broadband at home and would like to know if anyone knows of any free security checker tool that may be out there. Many of the advertised 'free' ones might do an audit for you but you pay for details on how to fix vulnerabilities etc.

    I'd be surprised if there is one but hope someone can produce the goods!

    Thanks in advance


Comments

  • Registered Users, Registered Users 2 Posts: 2,170 ✭✭✭Serbian


    I don't know of any security checkers myself, but just in case you aren't already aware, many of the Irish broadband providers have a clause in their contract that specifically prohibit hosting a server.

    Having said that, if you only have port 80 open, you are probably physically secure, you just have to make sure your coding is secure!


  • Closed Accounts Posts: 7,145 ✭✭✭DonkeyStyle \o/


    ...and keep the webserver software up to date.
    Maybe also run it using a limited account... I think linux runs webservers as 'nobody' or some such.

    *waits for steve365 to post about how hosting yourself is a false economy* :p


  • Closed Accounts Posts: 70 ✭✭vito


    Well one thing you could do is browse to https://grc.com/x/ne.dll?bh0bkyd2 from the server itself and that site will scan all your ports to look for venerabilities.

    This will help you secure your ports, but the main problem you are going to have is insecure scripts.

    It really depends on what you're running. I would definitely check all your scripts for sql injection vunerabilities if you run sql DB's. Google sql injections and you should find some pretty good overviews of ow the injection works and how to test your own scripts for this.


Advertisement