Remote information services can collect information for later use (such as username and internal IP address information) and run arbitrary commands on the target server by exploiting process manipulation vulnerabilities. This chapter focuses on the assessment of these services and lists relevant tools and techniques that can test and assure the security of your services.