Manualshelf

User guide

ManualsBrandsRed Hat ManualsOtherENTERPRISE LINUX 4 - SELINUX GUIDE
11121314151617181920
Chapter 1. Security Overview
8
1.2.3.1.1. Using Nmap
Nmap can be run from a shell prompt by typing the nmap command followed by the hostname or IP
address of the machine to scan.
nmap foo.example.com
The results of a basic scan (which could take up to a few minutes, depending on where the host is
located and other network conditions) should look similar to the following:
Interesting ports on foo.example.com:
Not shown: 1710 filtered ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
113/tcp closed auth
Nmap tests the most common network communication ports for listening or waiting services. This
knowledge can be helpful to an administrator who wants to close down unnecessary or unused
services.
For more information about using Nmap, refer to the official homepage at the following URL:
http://www.insecure.org/
1.2.3.2. Nessus
Nessus is a full-service security scanner. The plug-in architecture of Nessus allows users to customize
it for their systems and networks. As with any scanner, Nessus is only as good as the signature
database it relies upon. Fortunately, Nessus is frequently updated and features full reporting, host
scanning, and real-time vulnerability searches. Remember that there could be false positives and false
negatives, even in a tool as powerful and as frequently updated as Nessus.
Note
The Nessus client and server software requires a subscription to use. It has been included in this
document as a reference to users who may be interested in using this popular application.
For more information about Nessus, refer to the official website at the following URL:
http://www.nessus.org/
1.2.3.3. Nikto
Nikto is an excellent common gateway interface (CGI) script scanner. Nikto not only checks for CGI
vulnerabilities but does so in an evasive manner, so as to elude intrusion detection systems. It comes
with thorough documentation which should be carefully reviewed prior to running the program. If you
have Web servers serving up CGI scripts, Nikto can be an excellent resource for checking the security
of these servers.
More information about Nikto can be found at the following URL:
http://cirt.net/nikto2