From: Alvin Oga (alvin.sec@Mail.Linux-Consulting.com)
Date: Tue Jul 15 2003 - 20:16:11 EDT
hi ya
online port scan tools
http://linux-sec.net/Audit/nmap.test.gwif.html
and if you wanna make one ... ( its free and a couple hours work )
-- run apache on www.foo.com/PortScanner
-- write your cgi that when they click submit, your machine
will run nmap or nessus or foo scanner
-- do some disclaimers and limit what the user can scan
( they (supposedly) can only scan their ip#
( just have to treat /30 ip# as /24
( and watch out for target ip# behind a firewall
-- trick will be to setup "sudo namp (options) target-ip# "
c ya
alvin
On Tue, 15 Jul 2003, Domingos Costa wrote:
> Hello,
>
> I'm looking for a web tool that allow a user connected to my lan scan his own computer for
> vulnerabilities. It's something similar to ShieldsUP! at grc.com, but i wanna put it inside my lan,
> at a web server and the user can just click on to start probbing his ports. Do you know some tool??
> I'm working with linux slackware.
>
---------------------------------------------------------------------------
Your network Firewall and IDS products do not prevent Web application
exploits - the most common form of online attack - resulting in Web
defacement, data theft, sabotage and fraud.
KaVaDo is the first and only company that provides a complete and an
integrated suite of Web application security products, allowing you to
assess your entire environment, automatically set positive security
policies and maintain it without compromising business performance.
For more information on KaVaDo and to download a FREE white paper on Web
applications - security policy automation, please visit:
http://www.kavado.com/ad.htm
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:36 EDT