Hey guys. I have a few self-hosted systems that are available to the public. It's getting difficult to notice if any wrong port is still open or some web server is out of date. I am looking for a (FOSS) tool that can regularly monitor my systems (via their public IP/domain) and notify me if any port that I have not specifically allowed (in a config) is open. Additionally, it would be cool if it checked all open ports to see if they provide out-of-date software (like web servers) or have known security issues.

I found Nikto, but it feels like it's doing only half of what I want. Greenbone feels way too bloated for my use case.

Do you know any kind of software that would do something like that?
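The port half of this request (alert on anything open that is not in an allowlist) fits in a short script. The following is an added example, not part of the original post and not taken from any tool named in the thread; the `ALLOWED` config, host and port values are constructed placeholders, and it covers TCP reachability only, not software version checks.

```python
import socket
import sys
from concurrent.futures import ThreadPoolExecutor

# Hypothetical allowlist config: host -> TCP ports that are meant to be public.
ALLOWED = {"127.0.0.1": {22, 443}}

def is_open(host, port, timeout=1.0):
    """True if a full TCP handshake to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unreachable or filtered
        return False

def open_ports(host, ports, timeout=1.0, workers=64):
    """Connect-scan `ports` on `host` concurrently and return the open set."""
    ports = list(ports)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = pool.map(lambda p: is_open(host, p, timeout), ports)
        return {p for p, ok in zip(ports, results) if ok}

def audit(host, allowed, ports=range(1, 1025), timeout=1.0):
    """Compare what is reachable with what the allowlist permits.

    unexpected: open but not allowlisted (alert on these)
    missing:    allowlisted but not reachable (service down or rule too strict)
    """
    scanned = set(ports)
    found = open_ports(host, scanned, timeout)
    allowed = set(allowed)
    return {"unexpected": sorted(found - allowed),
            "missing": sorted((allowed & scanned) - found)}

if __name__ == "__main__":
    exit_code = 0
    for host, allowed in ALLOWED.items():
        report = audit(host, allowed)
        for port in report["unexpected"]:
            print(f"ALERT {host}: port {port}/tcp is open but not allowlisted")
            exit_code = 1
        for port in report["missing"]:
            print(f"WARN  {host}: allowlisted port {port}/tcp is not reachable")
    # A non-zero exit status lets cron or a systemd unit trigger the notification.
    sys.exit(exit_code)
```

Run it on a schedule from a machine outside the network, so the result reflects what the firewall actually exposes rather than what is listening locally.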

  • uenticx@lemmy.world

    It's getting difficult to notice if any wrong port is still open or some web server is out of date

    This isn’t generally done with security scanners unless you’re running hundreds of nodes. Use iptables rules with inclusive rules only to block ports. Keep your software inventoried for the rest, or some sort of basic configuration management.

    If you don’t have these basics, what good is a scanner going to do for you?