Ports Scanner - Security

[rmxs]

Hello,

Every one know that many companys like mcaffee have something like HACKER SAFE scanner..

I know that search the servers and ips for open ports and Vulnerabilitys.
I talk with one company and need 1700euro per year for 4 ips....

My question is you have any idea how can i make my own system to scan my own server for open ports?
I thing there is some win applications byt i dont know were i fount it

Thanks

 

[Oleg_Bkk]

Thanks

Webstress tool

 

[rmxs]

Its not port scanner programm byt stress tool for server.

Make xxx hits to test server

 

[MadHag]

Zenmap

I use nmap with the zenmap gui to have a good sniff around my server.

http://nmap.org/zenmap/ Give me an ip and I have a look muhahaha

David

 

[nobaloney]

Bad idea, MadHag, even though meant in jest.

Port scans should only be done from within your network, and only after getting permission from both server upstream provider (because the scan will hit their router).

Otherwise you could find your server shut down, depending on how your provider reacts to a perceived network attack.

If you portscan from outside your network, your ISP could shut down your Internet connection as well, seeing you as a bad guy.

Jeff

 

[rmxs]

within the network how its possible?
im in greece and the server is in DA TX.
Can my datacenter scan for me?

 

[MadHag]

Nmap

It's a networking tool and I have never had a problem.

I have my own dedicated server and I can pretty much do what I like with it and checking it's security is down to me so I like to fire a few shots at it.

Scanning other peoples is another matter as has just been pointed out.

You can run netstat from a ssh session that will tell you what network services are running in and out if that's any help.

If you have your own dedicated zenmap is a cool tool but I suppose for the safe side check your provider.

Probably by this time you already have it installed

David

 

[Oleg_Bkk]

David

David, hope you'll do fine
- there's a tool to check how bad is your box - called Goolag Scanner. Nothing is better, imho.

 

[MadHag]

Goolag

Thanks, I will try it, I notice I have some ports open that maybe should'nt be or just not need to be open.

Goolag sounds like it's from Google Have you tried their new browser? I quite like it.

David

EDIT......

Actually, I will look a bit closer at goolag, some of the language and attitude I don't like.

 

[Oleg_Bkk]

David, the scanner we are talking about - is pretty powerfull tool. Although it is written with some "bad ass" attitude, true. The point is simple - you can check your server weaknesses within 30minutes, from your desktop - anytime. And it is free.
No, it is not related to Google. There were chain of prisons called "G- U - Lag" "the State Department of Camps" - to translate it from russian. hence the joke
Coogle Chrome is the coolest toy. I use Opera and FF though.
good luck!