Forum
Web sitelerinizin güvenliğini kontrol etmek için Microsoft tarafında
geliştirilmiş Web Application Configuration Analyzer(WACA) aracını
kullanabilirsiniz. Detaylı açıklamayı aşağıda bulabilirsiniz.
Bilginize.
Web Application Configuration Analyzer (WACA) is a tool that scans a
server against a set of best practices recommended for pre-production
and production servers. It can also be used by developers to ensure
that their codebase works within a secure / hardened environment
(although many of the checks are not as applicable for developers). The
list of best practices is derived from the Microsoft Information
Security & Risk Management Deployment Review Standards used
internally at Microsoft to harden production and pre-production
environments for line of business applications. The Deployment Review
standards themselves were derived from content released by Microsoft
Patterns & Practices, in particular: Improving Web Application
Security: Threats and Countermeasures available at: http://msdn.microsoft.com/en-us/library/ms994921.aspx .
It uses an agent-less scan that requires the user to have admin
privileges on the target server, as well as any SQL Server instances
running on that machine.
- Scan a machine for more than 140 rules
- Generate HTML based reports
- Compare two scans to view the differences
- Export results to Excel
- Export results to Team Foundation Server
You can download the tool from http://www.microsoft.com/downloads/en/details.aspx?FamilyID=60585590-57df-4fc1-8f0c-05a286059406 . You can view a demo of the tool in this channel9 screencast.
Danışman - ITSTACK Bilgi Sistemleri
****************************************************************
Probleminiz Çözüldüğünde Sonucu Burada Paylaşırsanız.
Sizde Aynı Problemi Yaşayanlar İçin Yardım Etmiş Olursunuz.
Eğer sorununuz çözüldü ise lütfen "çözüldü" olarak işaretlerseniz diğer üyeler için çok büyük kolaylık sağlayacaktır.
*****************************************************************