
A Commercial Domino Security Scanner

Here I discuss a few Domino scanners, so that system administrators can decide which works best for them.

(NOTE: This admin tip discusses security scanners, a topic I have addressed in the past. Please note the following warning, which I have emphasized in the past:

*** WARNING: Only use security scanners against your own Web sites or Web sites whose owners have asked you to test them. If the Web site is hosted by an ISP, first tell the ISP what you are doing. Breaking these rules is bad ethics and will get you kicked off of many Internet service providers. ***)

DominoScan is a Domino scanner that is a commercial product from Next Generation Security Software in the United Kingdom. In previous tips on searchDomino, I discussed the free Domino security scanner called DomiLock. (You can view my previous tips on Domino scanners; see URLs below.) Many people have found DomiLock to be a useful tool to check the security of Domino Web sites. DomiLock has the unfortunate habit, however, of vanishing from the Internet at random times.

DominoScan provides system administrators with yet another scanner option when determining which scanner works best for them. Unlike DomiLock, which is a Web site, DominoScan is an actual piece of software that you download and install on your computer.

When I tested DominoScan, it provided a lot of information about vulnerabilities in the target Web site, including information that is not gathered by DomiLock. I liked the thoroughness of DominoScan and the large amount of information in its audit report. One drawback to the product is that the audit report almost has too much information. I'd like to see an "executive summary" at the top that quickly summarizes any problems found.

In this respect, DomiLock is easier (and faster) than DominoScan for a quick security check of a Web site. But DominoScan is more complete. DominoScan also comes with a separate document titled "Hack Proofing Lotus Domino Web Servers" that is well worth reading.

You can download a trial version (usable only against localhost) from Next Generation's Web site. If you want to buy it, there are three purchase options: Single (can audit one Web server), Enterprise (can audit any Web server in your organization), and Consultant (can audit any Web server). The prices are $695, $1395, and $5595, respectively.

Previous tips on Domino scanners:

Scanning Domino for Security Holes

Data encryption and more security scanners

Chuck Connell is president of CHC-3 consulting, and a security expert.
