Samiux's Blog

Open Source is a great idea and it has changed the world! Open Source forever ....

While you do not know attack, how can you know about defense? (未知攻,焉知防?)

Do BAD things .... for the RIGHT reasons -- OWASP ZAP

It is easier to port a shell than a shell script. -- Larry Wall

Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris. -- Larry Wall

为天地立心，为生民立命，为往圣继绝学，为万世开太平。 -- 王炜

Friday, November 09, 2012

HOWTO : Make Sure Your Server Is Really Hidden

You are so brilliant to find a way to hide your server from the internet. However, you are not 100% sure. By using Penetrating Testing tools, you can confirm your hidden server is really hidden.

Here we use the tools in the BackTrack 5 r3.

nmap -sS -sV -v -Pn samiux.com

cd /pentest/enumeration/dns/fierce/

perl fierce.pl -dns samiux.com

*** where "samiux.com" is the domain name, here is only an example.

From the last output result, make sure your server IP address is not listed when she says that she is hidden.

Now, your server IP address is not shown. So, your server is really hidden? I guess not, maybe. To further test it with the searchdns.netcracft.net for the history records. You may find your server's IP address history records unfortunately (if any).

If your server IP address is in the history record of netcracft, you may consider to change the IP address when necessary in order to hide your server from the internet.

That's all! See you.