8.1. Remote vulnerability assessment tools

The tools provided by Debian to perform remote vulnerability assessment are: [55]

  • nessus

  • raccess

  • nikto (whisker's replacement)

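Clearly, the most complete and up-to-date tool is nessus, which consists of a GUI client (nessus) and a server (nessusd) that carries out the attacks. Nessus includes remote vulnerabilities for many systems, such as network tools, ftp servers, www servers, and so on. The latest versions can even parse a web site and try to discover interactive pages that could be used in an attack. Java and Win32 clients for connecting to the management server are also available (they are not included in Debian).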

nikto is a web-only vulnerability assessment scanner including anti-IDS tactics (most of which are not anti-IDS anymore). It is one of the best cgi-scanners available, being able to detect a WWW server and launch only a given set of attacks against it. The database used for scanning can be easily modified to provide for new information.


[55] Some of them are provided when installing the harden-remoteaudit package.