Checking the security of a web server on Linux
If you need a basic security check of the web content on your server, you can use the Nikto2 utility. It finds leftover pieces of a site such as test2.php, index_.php and the like, as well as management tools such as /pma or phpmyadmin. When it finds scripts, it checks them for known bugs. Run the program with:
./nikto.pl -host localhost
Example run:
[[email protected] nikto-2.1.5]# ./nikto.pl -host localhost
- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          176.9.178.255
+ Target Hostname:    localhost
+ Target Port:        80
+ Start Time:         2014-05-05 10:36:26 (GMT4)
---------------------------------------------------------------------------
+ Server: nginx/1.2.6
+ Cookie PHPSESSID created without the httponly flag
+ Retrieved x-powered-by header: PHP/5.3.3
+ The anti-clickjacking X-Frame-Options header is not present.
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Cookie roundcube_sessid created without the httponly flag
+ Uncommon header 'x-dns-prefetch-control' found, with contents: off
+ Uncommon header 'x-frame-options' found, with contents: sameorigin
+ OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-12184: /some.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-12184: /some.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-3092: /admin/: This might be interesting...
+ OSVDB-3093: /admin/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /cutenews/comments.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /cutenews/search.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /shop/search.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3268: /icons/: Directory indexing found.
+ Server leaks inodes via ETags, header found with file /icons/README, inode: 132146, size: 5108, mtime: 0x438c0358aae80
+ OSVDB-3233: /icons/README: Apache default file found.
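As an added example (not code from the original post or from the Nikto project), here is a small Python parser for Nikto's text output that turns the "+" finding lines into structured records and attaches a remediation hint for the kinds of findings the scan above produced. The Finding/RULES names and the remediation mapping are this example's own assumptions, and the sample lines are a constructed subset of the output above.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample: a subset of the Nikto 2.1.5 finding lines shown above.
SAMPLE_OUTPUT = """\
+ Server: nginx/1.2.6
+ Cookie PHPSESSID created without the httponly flag
+ Retrieved x-powered-by header: PHP/5.3.3
+ The anti-clickjacking X-Frame-Options header is not present.
+ OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-3092: /admin/: This might be interesting...
+ OSVDB-3268: /icons/: Directory indexing found.
+ Server leaks inodes via ETags, header found with file /icons/README, inode: 132146, size: 5108, mtime: 0x438c0358aae80
+ 1 host(s) tested
"""

@dataclass
class Finding:
    osvdb: Optional[str]   # OSVDB id if Nikto printed one
    path: Optional[str]    # request path if the line names one
    text: str              # Nikto's own description
    fix: str               # remediation hint from RULES (assumed mapping, not Nikto output)

# Ordered (pattern, remediation) rules; first match wins. Mapping is this example's own.
RULES = [
    (r"without the httponly flag", "php.ini: session.cookie_httponly = 1 (cookies set by the app: fix in the app)"),
    (r"x-powered-by header", "php.ini: expose_php = Off; nginx: fastcgi_hide_header X-Powered-By;"),
    (r"X-Frame-Options header is not present", 'nginx: add_header X-Frame-Options "SAMEORIGIN";'),
    (r"OSVDB-12184", "php.ini: expose_php = Off (also disables the PHP easter-egg query strings)"),
    (r"Directory indexing found", "nginx: autoindex off; (Apache: Options -Indexes)"),
    (r"leaks inodes via ETags", "Apache backend: FileETag MTime Size (drop INode from the ETag)"),
    (r"^\+ Server: ", "nginx: server_tokens off;"),
    (r"might be interesting", "manual review: remove the path or restrict access to it"),
]

# "+ [OSVDB-nnnn: ][/path: ]description"
FINDING_RE = re.compile(r"^\+ (?:(OSVDB-\d+): )?(?:(/\S*): )?(.*)$")

def parse_nikto(output: str) -> list:
    """Turn Nikto's '+ ...' lines into Findings, skipping scan metadata lines."""
    findings = []
    for line in output.splitlines():
        m = FINDING_RE.match(line)
        if not m or m.group(3).endswith("host(s) tested") or m.group(3).startswith(("Target ", "Start Time", "End Time")):
            continue
        osvdb, path, text = m.groups()
        fix = next((f for pat, f in RULES if re.search(pat, line)), "no rule: triage manually")
        findings.append(Finding(osvdb, path, text, fix))
    return findings
```

Nikto's checks are signature-based, so each record is a candidate to verify by hand on the server before applying the hint.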