Secure Your Apache Configuration On Ubuntu 6.0.6 With Nikto Scan

By now you've got the perfect setup for your new Ubuntu 6.0.6 (Dapper Drake) box. You may have even followed the excellent Intrusion Detection and Prevention with BASE and Snort tutorial. And as an added precaution you installed DenyHosts to prevent hack attempts via ssh. But now that you've got your new LAMP server on the internet, how can you tell that your new web server is secure? You test it, of course!

This tutorial, inspired by one of the chapters in Hardening Apache by Tony Mobily (APress), will show you how to set up the free web server security scanner tool, Nikto. This tool will probe your Apache set-up for vulnerabilities, so you can get an idea of what holes may exist in your configuration. This tutorial will only get you so far as installing the tool, and running your first scan. A google search or the afore mentioned book will give you plenty of information on actually securing your Apache server.

The link for this article located at HowTo Forge is no longer available.