44 unread replies.44 replies.
Review the sample Web server scan given in the text sheet entitled “Web Server Vulnerability Analysis” and answer the following questions:
Web Server Vulnerability Analysis
Sample Web Server Scan
Using the following Nikto output, identify potential vulnerabilities and issues with the scanned system.
– Nikto v2.1.0
+ Target IP: 192.168.2.111
+ Target Hostname: 192.168.2.111
+ Target Port: 80
+ Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.10 with Suhosin-Patch
– Root page / redirects to: login.php
+ OSVDB-0: robots.txt contains 1 entry which should be manually viewed.
+ OSVDB-0: Apache/2.2.8 appears to be outdated (current is at least Apache/2.2.14). Apache 1.3.41 and 2.0.63 are also current.
+ OSVDB-0: Number of sections in the version string differ from those in the database, the server reports: 220.127.116.11.18.104.22.168.22.214.171.124.10 while the database has: 5.2.8. This may cause false positives.
+ OSVDB-0: PHP/5.2.4-2ubuntu5.10 appears to be outdated (current is at least 5.2.8)
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ OSVDB-0: ETag header found on server, inode: 1681, size: 26, mtime: 0x46dfa70e2b580
+ OSVDB-0: /config/: Configuration information may be available remotely.
+ OSVDB-0: /php.ini: This file should not be available through the web interface
+ OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests which contain specific QUERY strings.
+ OSVDB-3268: /config/: Directory indexing is enabled: /config/
+ OSVDB-3092: /login/: This might be interesting…
+ OSVDB-3092: /setup/: This might be interesting…
+ OSVDB-3268: /icons/: Directory indexing is enabled: /icons
+ OSVDB-3268: /docs/: Directory indexing is enabled: /docs
+ OSVDB-3092: /README: README file found.
+ OSVDB-3092: /CHANGELOG.txt: A changelog was found.
+ OSVDB-3233: /icons/README: Apache default file found.
+ 3588 items checked: 17 item(s) reported on remote host
+ 1 host(s) tested
Answer the following:
1-What vulnerabilities were found?
2-What risks do they create?
3-How could they be remediated?
We value our customers and so we ensure that what we do is 100% original..
With us you are guaranteed of quality work done by our qualified experts.Your information and everything that you do with us is kept completely confidential.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
The Product ordered is guaranteed to be original. Orders are checked by the most advanced anti-plagiarism software in the market to assure that the Product is 100% original. The Company has a zero tolerance policy for plagiarism.Read more
The Free Revision policy is a courtesy service that the Company provides to help ensure Customer’s total satisfaction with the completed Order. To receive free revision the Company requires that the Customer provide the request within fourteen (14) days from the first completion date and within a period of thirty (30) days for dissertations.Read more
The Company is committed to protect the privacy of the Customer and it will never resell or share any of Customer’s personal information, including credit card data, with any third party. All the online transactions are processed through the secure and reliable online payment systems.Read more
By placing an order with us, you agree to the service we provide. We will endear to do all that it takes to deliver a comprehensive paper as per your requirements. We also count on your cooperation to ensure that we deliver on this mandate.Read more