Test my site for vulnerabilities - Revision history

Floriana: added tools

2015-11-26T10:40:02Z

added tools

Dmitri: removed hacking threat category

2015-11-24T22:05:31Z

removed hacking threat category

Floriana: evening the general tone

2015-11-20T12:12:26Z

evening the general tone

Dmitri at 19:26, 10 September 2015

2015-09-10T19:26:18Z

Dmitri at 18:57, 10 September 2015

2015-09-10T18:57:41Z

Dmitri: Created page with "{{Scenario Task |Scenario Task Format=Solution |Scenario Task Parent=My Website }}"

2015-09-09T15:45:59Z

Created page with "{{Scenario Task |Scenario Task Format=Solution |Scenario Task Parent=My Website }}"

New page

{{Scenario Task
|Scenario Task Format=Solution
|Scenario Task Parent=My Website
}}

@@ Line 3: / Line 3: @@
 |Scenario Task Parent=My Website
 |Scenario Task Type=Unauthorised Access
 |Scenario Task Description=The rule of thumb for not getting your site hacked or infected with malware is:
 * Run up-to-date software, including all themes and plugins (if there are no recent updates to either - do not use them anymore)

@@ Line 2: / Line 2: @@
 |Scenario Task Format=Solution
 |Scenario Task Parent=My Website
-|Scenario Task Type=Hacking, Unauthorised Access
+|Scenario Task Type=Unauthorised Access
 |Scenario Task Description=The rule of thumb for not getting your site hacked or infected with malware is:
 * Run up-to-date software, including all themes and plugins (if there are no recent updates to either - do not use them anymore)

@@ Line 4: / Line 4: @@
 |Scenario Task Type=Hacking, Unauthorised Access
 |Scenario Task Description=The rule of thumb for not getting your site hacked or infected with malware is:
-* Run up to date software, including all themes and plugins (if there are no recent updates to either - do not use them anymore)
+* Run up-to-date software, including all themes and plugins (if there are no recent updates to either - do not use them anymore)
 * Do not install or run any services you are not currently using
-* Make sure your webhost continually updates their own systems and services
+* Make sure your web hosting service continually updates their own systems and services
-Testing a site for vulnerabilities is not an easy task. You need to look not only at the various systems your website is comprised of and depends on, but to be able to interpret the results as well.  A vulnerability could be found and exploited on a systems level (e.g. hosting set-up), in the web-server configuration, inside Wordpress or some third-party plug-in it is using.
+Testing a site for vulnerabilities is not an easy task. You need to look not only at the various systems your website is comprised of and depends on, but to be able to interpret the results as well. A vulnerability could be found and exploited on a systems level (e.g. hosting set-up), in the web server configuration, inside Wordpress or in some third-party plug-in you have installed within it.
-An [https://pentest-tools.com online penetration test] is available with several testing options including a passive reconnaissance [https://pentest-tools.com/information-gathering/google-hacking# 'Google hacking'] test. In principle it is recommended to run your own vulnerability testing systems, including the popular [https://nmap.org/download.html Nmap] tool and the suprisingly easy to set up but very well respected [http://www.tenable.com/products/nessus/nessus-professional Nessus vulnerability scanner].
+An [https://pentest-tools.com online penetration test] is available with several testing options, including a passive reconnaissance [https://pentest-tools.com/information-gathering/google-hacking# 'Google hacking'] test. In principle it is recommended to run your own vulnerability testing systems, including the popular [https://nmap.org/download.html Nmap] tool and the surprisingly easy to set up but very well respected [http://www.tenable.com/products/nessus/nessus-professional Nessus vulnerability scanner].
-Many vulnerabilities occur at the user level - with you. For an in-depth look into auditing internal organisational processes and systems refer to the [http://www.safetag.org Safetag] project and make sure you have read section on how to [[I would like to prevent others from accessing my computer|protect your computer]].
+Many vulnerabilities occur at the user level - with you. For an in-depth look into auditing internal organisational processes and systems, refer to the [http://www.safetag.org Safetag] project and make sure you have read the section on how to [[I would like to prevent others from accessing my computer|protect your computer]].
 }}

@@ Line 10: / Line 10: @@
 Testing a site for vulnerabilities is not an easy task. You need to look not only at the various systems your website is comprised of and depends on, but to be able to interpret the results as well.  A vulnerability could be found and exploited on a systems level (e.g. hosting set-up), in the web-server configuration, inside Wordpress or some third-party plug-in it is using.
-An [https://pentest-tools.com online penetration test] is available with several testing options including a passive reconnaissance [https://pentest-tools.com/information-gathering/google-hacking# 'Google hacking'] test.
+An [https://pentest-tools.com online penetration test] is available with several testing options including a passive reconnaissance [https://pentest-tools.com/information-gathering/google-hacking# 'Google hacking'] test. In principle it is recommended to run your own vulnerability testing systems, including the popular [https://nmap.org/download.html Nmap] tool and the suprisingly easy to set up but very well respected [http://www.tenable.com/products/nessus/nessus-professional Nessus vulnerability scanner].
-In principle it is recommended to run your own vulnerability testing systems, including the popular [https://nmap.org/download.html Nmap] tool and the suprisingly easy to set up but very well respected [http://www.tenable.com/products/nessus/nessus-professional Nessus vulnerability scanner].
+Many vulnerabilities occur at the user level - with you. For an in-depth look into auditing internal organisational processes and systems refer to the [http://www.safetag.org Safetag] project and make sure you have read section on how to [[I would like to prevent others from accessing my computer|protect your computer]].
 }}