Asp.Net Security Analyser (new security tool by DDPlus)

Discussion in 'ASP .Net Security' started by Dinis Cruz, Oct 8, 2003.

  1. Dinis Cruz

    Dinis Cruz Guest

    Hello

    I'm happy to announce that we (DDPlus) have just released the first
    stable version of our new Open Source Project: the Asp.Net Security
    Analyser (ANSA)

    Asp.Net Security Analyser (ANSA) is a Open Source, Windows based,
    online tool, that tests the server's security for known
    vulnerabilities and mis-configurations. The tool was initially
    designed to allow the protection of ISPs that provide shared hosting
    services. You can download the source code, use it in your servers and
    distribute it to who ever you feel appropriate.

    The project's objective is to create an Open Source tool that allows
    system administrators (responsible for windows based shared hosting
    environments) to easily identify and solve existent security problems.

    The current version is focused on identifying security vulnerabilities
    such as: remote command execution, pour website isolation (i.e. the
    user from website A can see the data from website B), disclosure of
    sensitive information (such as usernames/passwords, running processes,
    installed services), ability to do a server based port scan, etc..

    Eventually the tool should evolve to a "Asp.Net Security Configuration
    Tool" where it will also allow the SysAdmins to securely configure
    their servers

    This project is currently hosted in a Workspace in GotDotNet
    (www.gotdotnet.com) and this is the direct link to the project:
    http://www.gotdotnet.com/Community/Workspaces/Workspace.aspx?id=36ae9a2c-8740-4b52-924e-320edf64fba5
    (if this link doesn't work please visit this page
    http://www.gotdotnet.com/community/workspaces/directory.aspx and
    search for 'ANSA')

    Thanks for your time, and don't hesitate to contact me if you require
    any further help.


    Dinis Cruz
    ..Net Security Consultant
    DDPlus
     
    Dinis Cruz, Oct 8, 2003
    #1
    1. Advertising

  2. Dinis Cruz

    Stefan Guest

    I can't get it work.
    I've always benn redirected to a login page???
    "Dinis Cruz" <> wrote in message
    news:...
    > Hello
    >
    > I'm happy to announce that we (DDPlus) have just released the first
    > stable version of our new Open Source Project: the Asp.Net Security
    > Analyser (ANSA)
    >
    > Asp.Net Security Analyser (ANSA) is a Open Source, Windows based,
    > online tool, that tests the server's security for known
    > vulnerabilities and mis-configurations. The tool was initially
    > designed to allow the protection of ISPs that provide shared hosting
    > services. You can download the source code, use it in your servers and
    > distribute it to who ever you feel appropriate.
    >
    > The project's objective is to create an Open Source tool that allows
    > system administrators (responsible for windows based shared hosting
    > environments) to easily identify and solve existent security problems.
    >
    > The current version is focused on identifying security vulnerabilities
    > such as: remote command execution, pour website isolation (i.e. the
    > user from website A can see the data from website B), disclosure of
    > sensitive information (such as usernames/passwords, running processes,
    > installed services), ability to do a server based port scan, etc..
    >
    > Eventually the tool should evolve to a "Asp.Net Security Configuration
    > Tool" where it will also allow the SysAdmins to securely configure
    > their servers
    >
    > This project is currently hosted in a Workspace in GotDotNet
    > (www.gotdotnet.com) and this is the direct link to the project:
    >

    http://www.gotdotnet.com/Community/Workspaces/Workspace.aspx?id=36ae9a2c-8740-4b52-924e-320edf64fba5
    > (if this link doesn't work please visit this page
    > http://www.gotdotnet.com/community/workspaces/directory.aspx and
    > search for 'ANSA')
    >
    > Thanks for your time, and don't hesitate to contact me if you require
    > any further help.
    >
    >
    > Dinis Cruz
    > .Net Security Consultant
    > DDPlus
    >
     
    Stefan, Oct 10, 2003
    #2
    1. Advertising

  3. Dinis Cruz

    Dinis Cruz Guest

    Hello

    The Asp.Net Security Analyser must be copied to an website that accepts
    Anonymous requests.

    The idea is to test the security of your server in normal circunstances.

    If you login has an administrator then all scripts will be executed with
    administrative rights, which defeats the principle of the exercise.

    Hope this helps

    Dinis Cruz
    ..Net Security Consultant
    DDPlus (www.ddplus.net)


    *** Sent via Developersdex http://www.developersdex.com ***
    Don't just participate in USENET...get rewarded for it!
     
    Dinis Cruz, Oct 11, 2003
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Edward
    Replies:
    4
    Views:
    4,624
    William \(Bill\) Vaughn
    Apr 10, 2006
  2. Ben Jessel
    Replies:
    2
    Views:
    389
    Ben Jessel
    Dec 8, 2003
  3. Core Analyser

    , May 26, 2005, in forum: Java
    Replies:
    0
    Views:
    456
  4. prabhu
    Replies:
    18
    Views:
    566
  5. Rolf Magnus
    Replies:
    3
    Views:
    326
    Jack Klein
    Jan 31, 2004
Loading...

Share This Page