Thursday, July 16, 2009

Howto check your web server for vulnerabilities: Nikto, a web server scanner

Nikto is an Open Source (GPL) web server scanner. It tests a web server for more than 3500 potentially dangerous files/CGIs and checks for outdated server software versions, and it has very good plugin support.
Official site
To install on Ubuntu / Debian:
$ sudo apt-get install nikto

A full installation of nikto offers a lot of options. Running nikto without any arguments prints the list of options:
$ nikto

For a simple test:

$ sudo nikto -h www.yoursite.com

The output will look like this:
abc@abc-desktop:~$ sudo nikto -h www.xxxx.com
- Nikto v2.03/2.04
---------------------------------------------------------------------------
+ Target IP: 210.222.232.234 (fake value)
+ Target Hostname: www.xxxx.com
+ Target Port: 80
+ Start Time: 2009-07-17 22:06:29
---------------------------------------------------------------------------
+ Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny3 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0
- Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE
+ OSVDB-877: HTTP method ('Allow' Header): 'TRACE' is typically only used for debugging and should be disabled. This message does not mean it is vulnerable to XST.
+ OSVDB-0: ETag header found on server, inode: 3965147, size: 2857, mtime: 0x433a88acc26c0
+ PHP/5.2.6-1+lenny3 appears to be outdated (current is at least 5.2.6RC4)
+ mod_perl/2.0.4 appears to be outdated (current is at least 5.8)
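The report above is only useful once each finding is turned into a concrete fix. As an added example (not part of the original post or of Nikto itself), the following script parses a Nikto report in the format shown above and maps the findings to Apache 2.x hardening directives; the mapping from finding to directive is my own and the SAMPLE_REPORT is a constructed copy of the output above.

```python
import re

# Constructed sample: the Nikto report lines shown in the post above.
SAMPLE_REPORT = """\
- Nikto v2.03/2.04
+ Target IP: 210.222.232.234 (fake value)
+ Target Hostname: www.xxxx.com
+ Target Port: 80
+ Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny3 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0
- Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE
+ OSVDB-877: HTTP method ('Allow' Header): 'TRACE' is typically only used for debugging and should be disabled. This message does not mean it is vulnerable to XST.
+ OSVDB-0: ETag header found on server, inode: 3965147, size: 2857, mtime: 0x433a88acc26c0
+ PHP/5.2.6-1+lenny3 appears to be outdated (current is at least 5.2.6RC4)
+ mod_perl/2.0.4 appears to be outdated (current is at least 5.8)
"""


def parse_report(text):
    """Extract the server banner, allowed methods, OSVDB findings and outdated components."""
    info = {"server": None, "methods": [], "osvdb": [], "outdated": []}
    for line in text.splitlines():
        # Nikto prefixes every report line with "+ " or "- "; strip it.
        body = line[2:] if line[:2] in ("+ ", "- ") else line
        if body.startswith("Server: "):
            info["server"] = body[len("Server: "):]
        elif body.startswith("Allowed HTTP Methods: "):
            methods = body[len("Allowed HTTP Methods: "):]
            info["methods"] = [m.strip() for m in methods.split(",")]
        elif (m := re.match(r"OSVDB-(\d+): (.*)", body)):
            info["osvdb"].append((int(m.group(1)), m.group(2)))
        elif (m := re.match(r"(\S+) appears to be outdated", body)):
            info["outdated"].append(m.group(1))
    return info


def recommend(info):
    """Map parsed findings to Apache directives (assumed mapping, chosen for this example)."""
    fixes = []
    if "TRACE" in info["methods"]:
        fixes.append("TraceEnable Off")          # disables the TRACE method
    if any("ETag header found" in desc for _, desc in info["osvdb"]):
        fixes.append("FileETag None")            # stops inode numbers leaking via ETag
    if info["server"] and "/" in info["server"]:
        fixes.append("ServerTokens Prod")        # hides version strings in the banner
    return fixes


if __name__ == "__main__":
    report = parse_report(SAMPLE_REPORT)
    print("Outdated components:", ", ".join(report["outdated"]))
    print("Suggested Apache directives:", "; ".join(recommend(report)))
```

The outdated-component list still has to be addressed by upgrading the packages; no Apache directive hides a vulnerable PHP or mod_perl version from an attacker who probes behaviour rather than banners.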
