I am trying to find some type of program or maybe even a just a specific checklist to determine security of scripts, permissions and module configuration in apache. In particular does any know a program to check for security risks running suexec and ssi's. Especially geared for Redhat/Apache?

I have run find_ddos and no problems there, but since server is becoming more active.. and now some users want frontpage.

jon

?

No idea there - never heard of a script to check cgi security. Anyone else heard of one?

i was thinking on the lines of hacker tools to run to try to break in to your own system, something emulated of course from within the system itself.

i have heard of SATAN and other tools, but am really leery of using them unless the source can be trusted.