You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Frank Bonnet <f....@esiee.fr> on 2009/12/27 13:45:01 UTC

[users@httpd] security scanner for apache ?

Hello

I'm searching for tools to check eventuals security holes in an apache 
server . The server runs Zope in https mode

any infos links welcome

Thank you

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] security scanner for apache ?

Posted by Morgan Gangwere <0....@gmail.com>.

On Sunday 27 December 2009 05:45:01 am Frank Bonnet wrote:
> I'm searching for tools to check eventuals security holes in an apache
> server . The server runs Zope in https mode

Honestly, that's something you do yourself. Pen-tests are a /custom/ thing. So 
far, https is as secure a layer as the encryption (TLS/SSL). Apache itself is 
fairly secure, but its only as secure as the application running on it.

"Remember, the weakest link of security is your users: Assume they have their 
login credentials written in big bold marker on their desk."
 -- Author Unknown.

-~-
Morgan Gangwere


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org