Reading Internet

Aug 03, 2007 07:40 # 44833

ginsterbusch *** has an idea...

Security scanner

?% | 1

I'm sometimes checking out the ticket support system of a friend of mine. Today, I read a message he sent out to a customer, that this guy's account would be temporarely closed because of a big security breach in his Joomla! install. Not only has it been massively infected with Worm data, but also has been used to send tons of spam mail.

So up comes the idea: Why not buillt a mere scan tool which would be started frequently (using cron/anacron) to scan a single server system for possible security holes of apps written in PHP, Perl and similar programming languages.

For starters, this tool should just scan bigger. commonly used OSS projects like Joomla, WordPress, osCommerce, phpBB, phpNuke, etc.

Probably there's something like this already out there - but if not so, who wants to get a head start with this? And if so, where could I possibly find such tools?

Thanks for listening to my brawlings,
cu, w0lf.

beards are cool. every villain has one!

This post was edited by ginsterbusch on Aug 03, 2007.

Aug 03, 2007 17:30 # 44835

null throws in his two cents...

Re: Security scanner

My FreeBSD server sends me a daily security status mail including the output of portaudit (English thinggie here). It doesn't get much easier than that :-)

When life hands you a lemon, that's 40% of your RDA of vitamin C taken care of.

This post was edited by null on Aug 03, 2007.


Small text Large text

Netalive Amp (Skin for Winamp)