Re: Vulnerability scanners

hi ya

On Thu, 27 Mar 2003, Jeff Williams @ Aspect wrote:

> Let's assume that you're talking about 256 IPs (based on Qualys' published

their "mail server scanning" is pointless ??? ( when we tried it out )

• just a bunch of dictionary names for your-domain.com

vulnerability scanning and pen-testing ...

• you can do quickie tests.. ( few minutes - couple hours )
• you can and SHOULD do it every time something changed ( incremental costs should be minimal )
• you should go back and see what other vuln tests you or your other hired testors didnt check earlier... ( few days, few weeks )
• repeat round and round
  • most of the scanning can be automated
  • think one can also apply all the scriptkiddie scripts automatically ??
  • automation is the key ... people will get tired of running the same repeatative tests

> effort for someone (probably more to generate a very nice report and

you do need a qualified testor ... newbies wont knwo what to look for and how to test it ..

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

i'd say a good vulnerability scanner and pen-testor would run $150K in salaries + double it for insurance, benefits, office space, phones, lab, PCs, test archives, etc

	plus probably an additional knowledgeable secretary to type up
	pretty reports and attachements

"good"  == they can find the obvivious holes... in a matter of minutes
	- break into any pc running sendmail earlier than 8.12.8
	- break into any apache w /443 left on
	- break into wireless sites w/ telnet/ftp/pop3 left on inside
	... blah .. blah ..

c ya
alvin

top spam and e-mail risk at the gateway. SurfControl E-mail Filter puts the brakes on spam & viruses and gives you the reports to prove it. See exactly how much junk never even makes it in the door. Free 30-day trial: http://www.surfcontrol.com/go/zsfptl1 Received on Thu Mar 27 17:10:37 2003