Roaming around the internet you’ll discover A LOT of systems and services that can check your systems for security holes and improvements. These scans can help you a lot by giving you more insight in your security. I’ve already mentioned some before, but always keep searching for alternatives.
In the last couple of months I’ve used a lot of these scans and discovered there are a couple I always use. Although this isn’t is definitely the only correct one, I’m sure it can get you started and decided to share ‘my’ scans with you.
So here’s my list. I think the first 2 are absolutely mandatory for every system you get your hands on.
- A OpenVAS scan. Install an appliance via http://www.openvas.org/
- Scan with Lynis. More info at https://cisofy.com/lynis/
- Check your SSL configuration at https://www.ssllabs.com/ssltest/index.html
- Check your SSL configuration on a specific port at https://www.htbridge.com/ssl/
- Improve your SSL configuration at https://mozilla.github.io/server-side-tls/ssl-config-generator/
- Check your security headers at https://securityheaders.io
Hackers never sleep!