FireBird34 has asked for the wisdom of the Perl Monks concerning the following question:
I have recently been having alot of computer related problems, and I don't really know how secure my computer is. It came to me that I might be able to test this via Perl. Is there an easy way I can do a self scan of my ports (without using some other program that would possibly contain a virus), and print out the results to the screen (if it *might* be a security risk)? Even with a firewall up, I still have some suspicious activity here (yes, half of that is because of being on Windows, but oh well =P). Anyway, if anyone can help, I would appreciate it.
Re: Security checker
by djantzen (Priest) on Nov 07, 2002 at 04:06 UTC
|
I'm not aware of any CPAN modules capable of testing the security of a machine, and rolling your own script to scan active ports looking for vulnerabilities is not a simple project. I think you'd be better off trying the following things:
- Look at the rules in play on your firewall. From your description I'm guessing you have something like Tiny Personal Firewall running on a Windows box connected directly to the Net. Check what sort of traffic you are permitting. Probably the only traffic you want to permit is on port 80. But even so, Internet Explorer has had several vulnerabilities through wich malformed URIs -- which are permissible over port 80 -- can violate your system via IE. So make sure you're running a patched version of IE.
- Shut down unnecessary services you have running. If you've got IIS running (god I hope not) shut it down or patch it. Turn off services like NetBIOS and File Sharing.
- You are running anti-virus software, right? Symantec offers a service through Norton AV where they'll scan your machine for vulnerabilities, but that's only if you're running their software.
- Update: Here's a useful link for hardening a Win2000 box.
HTH, fever
| [reply] |
Re: Security checker
by FamousLongAgo (Friar) on Nov 07, 2002 at 04:36 UTC
|
This has nothing to do with Perl, but I have found nothing better than Nessus for this kind of comprehensive checking. It is an open source portscanner that will run a very complete set of diagnostics, and can be run from another machine. You get a complete report, with an assessment of how vulnerable you are, and how to fix the exposure.
Please note that this has nothing to do with checking your machine to see if you're already infected. If you do find serious vulnerablities, you may have to assume the worst.
| [reply] |
|
Ok, thanks. I actually use the Zone Alarm, but even though it's *supposidly* the best freeware FW, I've had some problems. I don't use the on-PC virus scanners (although I plan to), but I do a daily check on House Call (http://www.antivirus.com). Also, I'll check out that program, thanks.
BTW, sorry if this wasn't Perl related -- I figured I could run a script for this (yes, I am still a n00b to the language ;)). Again, thanks.
| [reply] |
Re: Security checker
by JPaul (Hermit) on Nov 07, 2002 at 16:03 UTC
|
Greetings,
Remember that when you portscan yourself you are seeing yourself
from inside your network, where local ports may be opened intentionally.
If you're wanting a proper portscan of yourself it would be smarter
to have a friend portscan you while you're both online to get the full
picture of your external exposure.
JP,
-- Alexander Widdlemouse undid his bellybutton and his bum dropped off -- | [reply] |
|
Just make sure you check the TOS for your ISP and the friend that helps you with this. Portscans can and often are considered "evil".
Just an FYI.
| [reply] |
|
The PC I'm on is not part of a network, so any ports that are left open (which might cause security issues) I am not aware of. Also, being on a Win98 platform, I know there are alot of security bugs that need patching (I would rather be on Linux, but my E-Card is to outdated... and drivers didn't help much). I'll also talk to a few friends and check. I don't know to many computer type people who would trust a port scan on their own system, let alone know what a port is. Also, thanks for the extra tips.
| [reply] |
|
|