What is Security Testing?

The security testing is performed to check whether there is any information leakage in the sense by encrypting the application or using wide range of software’s and hardware's and firewall etc.

Before planning for Security Testing, you will need to think about the following parameters:

• Authentication - Testing the authentication schema means understanding how the authentication process works and using that information to circumvent the authentication mechanism. Basically, it allows a receiver to have confidence that information it receives originated from a specific known source.
• Authorization - Determining that a requester is allowed to receive a service or perform an operation.
• Confidentiality - A security measure which protects the disclosure of data or information to parties other than the intended.
• Integrity – Whether the intended receiver receives the information or data which is not altered in transmission.
• Non-repudiation - Interchange of authentication information with some form of provable time stamp e.g. with session id etc.

Reports @ Server Sniff

Lets take a look at reports menu at serversniff.net / tomdns.net

1. NS Report / Name Server report

This report gives information about name servers associated with domain. Name server is used to redirect user query for URL / URI to server.

tomdns.com | An online Information Gathering Tool

We discussed some windows and Linux based tools for information gathering on www.ankitmehta.in, As that domain is no longer in existence I will put new tools and techniques for security testing on this platform.

Tomdns.com is an online information gathering tool, this tool is very straight forward for information gathering and providing to its visitor. You can gather information like

1. MX Record
2. A Record
3. Domain Record
4. IP report
5. SSH report
6. Trace route
7. Web server information and many more things

Good feature of this site is GUI representation of any query.