Ask a Question related to ASP.NET Security, Design and Development.
-
Dinis Cruz #1
Asp.Net Security Analyser (new security tool by DDPlus)
Hello
I'm happy to announce that we (DDPlus) have just released the first
stable version of our new Open Source Project: the Asp.Net Security
Analyser (ANSA)
Asp.Net Security Analyser (ANSA) is a Open Source, Windows based,
online tool, that tests the server's security for known
vulnerabilities and mis-configurations. The tool was initially
designed to allow the protection of ISPs that provide shared hosting
services. You can download the source code, use it in your servers and
distribute it to who ever you feel appropriate.
The project's objective is to create an Open Source tool that allows
system administrators (responsible for windows based shared hosting
environments) to easily identify and solve existent security problems.
The current version is focused on identifying security vulnerabilities
such as: remote command execution, pour website isolation (i.e. the
user from website A can see the data from website B), disclosure of
sensitive information (such as usernames/passwords, running processes,
installed services), ability to do a server based port scan, etc..
Eventually the tool should evolve to a "Asp.Net Security Configuration
Tool" where it will also allow the SysAdmins to securely configure
their servers
This project is currently hosted in a Workspace in GotDotNet
([url]www.gotdotnet.com[/url]) and this is the direct link to the project:
[url]http://www.gotdotnet.com/Community/Workspaces/Workspace.aspx?id=36ae9a2c-8740-4b52-924e-320edf64fba5[/url]
(if this link doesn't work please visit this page
[url]http://www.gotdotnet.com/community/workspaces/directory.aspx[/url] and
search for 'ANSA')
Thanks for your time, and don't hesitate to contact me if you require
any further help.
Dinis Cruz
..Net Security Consultant
DDPlus
[email]dinis@ddplus.net[/email]
Dinis Cruz Guest
-
Change Flash Security Settings? Security ManagerOffline?
Hello I have downloaded firefox and flash player, I have content which when I run it, flash blocks it wisely and reports that the page is trying... -
Security - Best Encryption Tool
Hi I need to store the credit card information in my database. I have been looking for some third party tools which could provide encryption for... -
Security tool to check CGI scripts for security holes/vulnerabities
I'm searching for a good security tool that I can use regularly to scan all the programs/scripts in my web servers cgi-bin directory to identify... -
Dotnet, IIS5.0 and IIS lockdown/hardening tool/security
We have a web service built with the 1.1 framework and we are targeting server machines running IIS 5.0+. We have been advised to run the IIS... -
[ANN] iCanary 1.0 FileMaker's premier security tool
SECRET WEAPON LABS UNLEASHES FIRST OF ITS KIND SECURITY APPLICATION FOR FILEMAKER DATABASES - iCANARY 1.0 iCanary provides quick and simple... -
Stefan #2 Re: Asp.Net Security Analyser (new security tool by DDPlus)
I can't get it work.
I've always benn redirected to a login page???
"Dinis Cruz" <dinis@ddplus.net> wrote in message
news:701fd6b6.0310072039.5820b34c@posting.google.c om...[url]http://www.gotdotnet.com/Community/Workspaces/Workspace.aspx?id=36ae9a2c-8740-4b52-924e-320edf64fba5[/url]> Hello
>
> I'm happy to announce that we (DDPlus) have just released the first
> stable version of our new Open Source Project: the Asp.Net Security
> Analyser (ANSA)
>
> Asp.Net Security Analyser (ANSA) is a Open Source, Windows based,
> online tool, that tests the server's security for known
> vulnerabilities and mis-configurations. The tool was initially
> designed to allow the protection of ISPs that provide shared hosting
> services. You can download the source code, use it in your servers and
> distribute it to who ever you feel appropriate.
>
> The project's objective is to create an Open Source tool that allows
> system administrators (responsible for windows based shared hosting
> environments) to easily identify and solve existent security problems.
>
> The current version is focused on identifying security vulnerabilities
> such as: remote command execution, pour website isolation (i.e. the
> user from website A can see the data from website B), disclosure of
> sensitive information (such as usernames/passwords, running processes,
> installed services), ability to do a server based port scan, etc..
>
> Eventually the tool should evolve to a "Asp.Net Security Configuration
> Tool" where it will also allow the SysAdmins to securely configure
> their servers
>
> This project is currently hosted in a Workspace in GotDotNet
> ([url]www.gotdotnet.com[/url]) and this is the direct link to the project:
>> (if this link doesn't work please visit this page
> [url]http://www.gotdotnet.com/community/workspaces/directory.aspx[/url] and
> search for 'ANSA')
>
> Thanks for your time, and don't hesitate to contact me if you require
> any further help.
>
>
> Dinis Cruz
> .Net Security Consultant
> DDPlus
> [email]dinis@ddplus.net[/email]
Stefan Guest
-
Dinis Cruz #3 Re: Asp.Net Security Analyser (new security tool by DDPlus)
Hello
The Asp.Net Security Analyser must be copied to an website that accepts
Anonymous requests.
The idea is to test the security of your server in normal circunstances.
If you login has an administrator then all scripts will be executed with
administrative rights, which defeats the principle of the exercise.
Hope this helps
Dinis Cruz
..Net Security Consultant
DDPlus ([url]www.ddplus.net[/url])
*** Sent via Developersdex [url]http://www.developersdex.com[/url] ***
Don't just participate in USENET...get rewarded for it!
Dinis Cruz Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
