Review The Sample Web Server Scan Given In The Text Sheet Entitled “Web Server Vulnerability Analysis” And Answer The Following Questions: Web Server Vulnerability Analysis Sample Web Server Scan Using The Following Nikto Output, Identify Potential Vul

D5: Web server vulnerability analysis

44 unread replies.44 replies.

Review the sample Web server scan given in the text sheet entitled “Web Server Vulnerability Analysis” and answer the following questions:

Web Server Vulnerability Analysis

Save your time - order a paper!

Get your paper written from scratch within the tight deadline. Our service is a reliable solution to all your troubles. Place an order on any task and we will take care of it. You won’t have to worry about the quality and deadlines

Order Paper Now

Sample Web Server Scan

Using the following Nikto output, identify potential vulnerabilities and issues with the scanned system.

– Nikto v2.1.0

—————————————————————————

+ Target IP:          192.168.2.111

+ Target Hostname:    192.168.2.111

+ Target Port:        80

—————————————————————————

+ Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.10 with Suhosin-Patch

– Root page / redirects to: login.php

+ OSVDB-0: robots.txt contains 1 entry which should be manually viewed.

+ OSVDB-0: Apache/2.2.8 appears to be outdated (current is at least Apache/2.2.14). Apache 1.3.41 and 2.0.63 are also current.

+ OSVDB-0: Number of sections in the version string differ from those in the database, the server reports: 5.2.4.45.2.117.98.117.110.116.117.5.10 while the database has: 5.2.8. This may cause false positives.

+ OSVDB-0: PHP/5.2.4-2ubuntu5.10 appears to be outdated (current is at least 5.2.8)

+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST

+ OSVDB-0: ETag header found on server, inode: 1681, size: 26, mtime: 0x46dfa70e2b580

+ OSVDB-0: /config/: Configuration information may be available remotely.

+ OSVDB-0: /php.ini: This file should not be available through the web interface

+ OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests which contain specific QUERY strings.

+ OSVDB-3268: /config/: Directory indexing is enabled: /config/

+ OSVDB-3092: /login/: This might be interesting…

+ OSVDB-3092: /setup/: This might be interesting…

+ OSVDB-3268: /icons/: Directory indexing is enabled: /icons

+ OSVDB-3268: /docs/: Directory indexing is enabled: /docs

+ OSVDB-3092: /README: README file found.

+ OSVDB-3092: /CHANGELOG.txt: A changelog was found.

+ OSVDB-3233: /icons/README: Apache default file found.

+ 3588 items checked: 17 item(s) reported on remote host

—————————————————————————

+ 1 host(s) tested

Answer the following:

1-What vulnerabilities were found?

2-What risks do they create?

3-How could they be remediated?

 
Do you need a similar assignment done for you from scratch? We have qualified writers to help you. We assure you an A+ quality paper that is free from plagiarism. Order now for an Amazing Discount!
Use Discount Code "Newclient" for a 15% Discount!

NB: We do not resell papers. Upon ordering, we do an original paper exclusively for you.