These days, there are unfortunately far too
many people who would love to bring down your organization’s Web
servers, either directly or indirectly. If your company is serious
about Web server security and availability–and you should be–you
should consider all options available to help you not only monitor
servers for intrusion but also analyze them for
Would-be intruders focus a large majority of
their attack attempts on known vulnerabilities. Therefore, you can
significantly improve server security by identifying and closing
Here are a couple of tools that will help you
do just that: SiteDigger and SSLDigger. Both tools are available
from Foundstone, a division of McAfee.
SiteDigger uses a special search syntax to
search Google’s cache to identify potential vulnerabilities,
errors, configuration issues, proprietary information, and details
of other potential security problems with the domain that you
specify. Of course, that means Google must have already crawled the
specified domain, and it must exist within Google’s cache.
SSLDigger tests the server for potential
security risks associated with SSL. It assesses the strength of SSL
servers by testing the ciphers supported.
For more information, check out the
SSLDigger Web pages on Foundstone’s Web site.
Want more Win2K tips and tricks? Automatically sign up for our free Windows 2000 Server newsletter, delivered each Tuesday!