Checking Webserver Vulnerabilities using Nikto

Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers.

Scan items and plugins are frequently updated and can be automatically updated (if desired).

Nikto is built on LibWhisker and can run on any platform which has a Perl environment, and supports SSL, proxies, host authentication, IDS evasion and more.

Nikto not only checks for CGI vulnerabilities but does so in an evasive manner, so as to elude intrusion detection systems. It comes with thorough documentation which should be carefully reviewed prior to running the program. If you have Web servers serving up CGI scripts, Nikto can be an excellent resource for checking the security of these servers.

Installation:
openSUSE users can install Nikto using the "1-click" installer.
Ubuntu / Debian: $ sudo apt-get install nikto

Using Nikto:
The most basic Nikto scan requires simply a host to target, since port 80 is assumed if none is specified. The host can either be an IP or a hostname of a machine, and is specified using the -h (-host) option. This will scan the IP 192.168.1.2 on TCP port 80:
nikto -h 192.168.1.2

To check on a different port, specify the port number with the -p (-port) option. This will scan the IP 192.168.0.1 on TCP port 443:
nikto -h 192.168.1.2 -p 443

Hosts, ports and protocols may also be specified using a full URL, which is then scanned as given:
nikto -h https://192.168.0.1:443/

Updating:
Nikto can be automatically updated. To update to the latest plugins and databases, simply run Nikto with the -update option:
nikto -update

If updates are available, you will see a list of the files getting downloaded.
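The steps above (update, then scan a host by name, by host and port, or by full URL) wrapped into one POSIX shell script for a list of targets, as an added example that is not from the original post. It assumes nikto is on PATH; the one-target-per-line input file, the output directory layout and the helper function names are this script's own conventions.

```shell
#!/bin/sh
# Added example (not from the original post): batch-run Nikto over a target
# list, writing one report per target. Assumes nikto is installed on PATH.
set -eu

# Build the nikto host/port arguments from one target spec:
#   host           -> -h host            (nikto assumes port 80)
#   host:port      -> -h host -p port
#   scheme://...   -> -h scheme://...    (nikto accepts the full URL)
nikto_target_args() {
    spec=$1
    case "$spec" in
        *://*)  printf '%s' "-h $spec" ;;
        *:*)    printf '%s' "-h ${spec%%:*} -p ${spec##*:}" ;;
        *)      printf '%s' "-h $spec" ;;
    esac
}

# Derive a safe report file name: drop the scheme, replace anything
# that is not alphanumeric, '.', '_' or '-' with '_'.
nikto_output_name() {
    printf '%s' "$1" | sed -e 's#^[a-z]*://##' -e 's#[^A-Za-z0-9._-]#_#g'
}

# Scan every target in $1 (one per line, '#' comment lines allowed) and
# write one report per target into $2. Runs -update first so the plugins
# and databases are current before the scans start. Uses nikto's -o
# (-output) option to write the report to a file.
scan_targets() {
    targets=$1; outdir=$2
    mkdir -p "$outdir"
    nikto -update
    grep -v '^[[:space:]]*#' "$targets" | while read -r spec; do
        [ -n "$spec" ] || continue
        report="$outdir/$(nikto_output_name "$spec").txt"
        # word splitting of the built argument string is intended here
        nikto $(nikto_target_args "$spec") -o "$report"
    done
}

# Usage: sh nikto_batch.sh targets.txt reports/
if [ $# -eq 2 ]; then
    scan_targets "$1" "$2"
fi
```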
