From: Buz Dale (buz.dale@usg.edu)
Date: Thu Feb 09 2006 - 08:02:36 EST
> To all:
>
> I have been asked to perform a security audit of 1 IP address for client.
> They have given me the 1 IP address and a clue (webblaze).
>
> If I enter the IP address and then /webblaze, I am taken to a login page
> (user name and password requested).
>
> What tools would you recommend that I use for this assignment?
Go ahead and run nmap and nessus against the box. Hopefully this will
give you some infromation such as what OS, what webserver and if any
other ports are listening. If you can get info on the OS and httpd
versions you can then look for exploits or problems. Also you might
google "webblaze". you might find some interesting info there and some
other places to look. "iblaze server?" (By googling "webblaze" I'm
pretty sure this is on a WinOS and that makes me think IIS.
Luck,
Buz
>
>
> Thanks for your help.
>
> Regards,
>
>
> Edmond
>
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:28 EDT