Archive for the tag 'assessment'

Nikto2 web server assessment tool Install.

Nikto is a web server assessment tool. It is designed to find various default and insecure files, configurations and programs on any type of web server.

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.

Installation

Any system which supports a basic Perl installation should allow Nikto to run. For SSL support the Net::SSLeay Perl module must be installed (which in turn requires OpenSSL on the Unix platform).

Perl: http://www.cpan.org/
LibWhisker: http://www.wiretrip.net/
ActiveState Perl: http://www.activestate.com/
OpenSSL: http://www.openssl.org/
Perl modules RPC::XML::Client and RPC::XML for Metasploit logging integration

Download - http://cirt.net/nikto/nikto-2.1.3.tar.bz2

Unpack the download file:

tar -xjvf nikto-2.1.3.tar.bz2

Basic Testing
The most basic Nikto scan requires simply a host to target, since port 80 is assumed if none is specified. The host can either be an IP or a hostname of a machine, and is specified using the -h (-host) option. This will scan the IP 192.168.0.1 on TCP port 80:

perl nikto.pl -h 192.168.0.1

To check on a different port, specify the port number with the -p (-port) option. This will scan the IP 192.168.0.1 on TCP port 443:

perl nikto.pl -h 192.168.0.1 -p 443
SBDavid

Nikto- web server assessment tool


Nikto is a web server assessment tool. It is designed to find various default and insecure files, configurations and programs on any type of web server.

Requirements

Any system which supports a basic PERL installation should allow Nikto to run. It has been extensively tested on. For SSL support the Net::SSLeay PERL module must be installed (which in turn requires OpenSSL on the Unix platform).

The nmap scanner can also be used, if desired. In some cases using nmap will slow down Nikto execution, as it must call an external program. For scanning many ports across one or more servers, using nmap will be faster than using Nikto’s internal PERL scanning.

PERL: http://www.cpan.org/
LibWhisker: http://www.wiretrip.net/
ActiveState Perl: http://www.activestate.com/
OpenSSL: http://www.openssl.org/
nmap: http://insecure.org/

Download

http://cirt.net/nikto/nikto-current.tar.gz

Unpack the download file:

tar -xzvf nikto-current.tar.gz

Basic Testing

The most basic Nikto scan requires simply a host to target, since port 80 is assumed if none is specified. The host can either be an IP or a hostname of a machine, and is specified using the -h (-host) option. This will scan the IP 192.168.0.1 on TCP port 80:

perl nikto.pl -h 192.168.0.1

To check on a different port, specify the port number with the -p (-port) option. This will scan the IP 192.168.0.1 on TCP port 443:

perl nikto.pl -h 192.168.0.1 -p 443

Hosts, ports and protocols may also be specified by using a full URL syntax, and it will be scanned:

perl nikto.pl -h https://192.168.0.1:443/

There is no need to specify that port 443 may be SSL, as Nikto will first test regular HTTP and if that fails, HTTPS. If you are sure it is an SSL server, specifying -s (-ssl) will speed up the test.

Scanning Hosts with Nmap for vulnerability assessment.

Using Nmap

Nmap can be run from a shell prompt by typing the nmap command followed by the hostname or IP address of the machine to scan.

nmap 192.168.0.10

Administrators can use Nmap on a network to find host systems and open ports on those systems.

Nmap is a popular tool included in Red Hat Enterprise Linux that can be used to determine the layout of a network. Nmap has been available for many years and is probably the most often used tool when gathering information. An excellent man page is included that provides a detailed description of its options and usage.

Nmap is a competent first step in vulnerability assessment. You can map out all the hosts within your network and even pass an option that allows Nmap to attempt to identify the operating system running on a particular host.

# nmap 127.0.0.1

Starting Nmap 4.76 ( http://nmap.org ) at 2009-10-16 16:05 EDT
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
3128/tcp open squid-http
3306/tcp open mysql

Nmap done: 1 IP address (1 host up) scanned in 0.32 seconds

For more information about using Nmap, refer to the official homepage at the following URL: http://www.insecure.org/
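
As an added example (not part of the original post), the script below turns a scan like the one above into an exposure check: it extracts the open ports from Nmap's normal output and reports any that are not in an approved baseline. The function names and the baseline list are assumptions made for illustration, and the embedded scan is the sample output shown above.

```shell
#!/bin/sh
# Constructed sample input: the nmap output shown above, embedded so the
# script runs offline.
sample_nmap_output() {
cat <<'EOF'
Starting Nmap 4.76 ( http://nmap.org ) at 2009-10-16 16:05 EDT
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
3128/tcp open squid-http
3306/tcp open mysql

Nmap done: 1 IP address (1 host up) scanned in 0.32 seconds
EOF
}

# Read nmap normal output on stdin and print "port/proto service" for every
# port reported as open. Header, banner and summary lines are skipped because
# their first field is not of the form <number>/tcp or <number>/udp.
open_ports() {
    awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" { print $1, $3 }'
}

# Read nmap normal output on stdin and print the open ports that are missing
# from the approved baseline.
# $1: space-separated list of approved port/proto entries (hypothetical policy).
unexpected_ports() {
    open_ports | awk -v allowed="$1" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        !($1 in ok) { print }'
}

# Usage: a baseline that permits only SSH and DNS on this host.
sample_nmap_output | unexpected_ports "22/tcp 53/tcp"
```

Against a live host, pipe the scan in directly, for example `nmap 192.168.0.10 | unexpected_ports "22/tcp 53/tcp"`.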