lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <web-70363@mx-01.data-return.org>
Date: Wed, 15 Feb 2006 14:01:46 -0800
From: "Aaron" <microchp@...rochp.org>
To: Tim Nelson <security@...alive.biz>,Alice Bryson
 <abryson@...efocus.com>
Cc: full-disclosure@...ts.grok.org.uk, vulnwatch@...nwatch.org,
	bugtraq@...urityfocus.com, ntbugtraq@...ugtraq.com
Subject: Re: What can a Remote Vulnerability Scanner do in
	Future?


Nessus can do local checks on windows/unix from remote. 
 nessus.org.

Dont let the good looking web site scare you either.  It 
is still free afaik.

:)

--Aaron


On Mon, 13 Feb 2006 10:16:22 +1100 (EST)
  Tim Nelson <security@...alive.biz> wrote:
> On Mon, 6 Feb 2006, Alice Bryson wrote:
> 
> ...
>>    Eeye scanner could not do remote local check too. So 
>>I am consider
>> what can Remote Vulnerability Scanner do? Will this 
>>thing disappear in
>> the future?
> 
> 	Scan for remote vulnerabilities.  Scanning for local 
> vulnerabilities can obviously only be done locally.
> 
> 	Basically you need to have a remote access method 
>before you can 
> do anything remotely.  It might be useful to get a 
>windows version of sshd or cfengine.  Another possibility 
>would be to make the local scanner executable available 
>on the network, and then have each machine individually 
>download it and run it locally.
> 
> 	Basically, to check for local vulnerabilities, you 
>need:
> 1.	A deployment process (hopefully simple)
> 2.	An execution process
> 
> 	This is exactly what cfengine was designed to solve in 
>the Unix 
> world.
> 
> -- 
> Kind Regards,
>  
> Tim Nelson
> Server Administrator
>  
> P: 03 9934 0888
>F: 03 9934 0899
> E: tim.nelson@...alive.biz
> W: www.webalive.biz
>  
> WebAlive Technologies
> Level 1, Innovation Building
> Digital Harbour
> 1010 La Trobe Street
> Docklands Melbourne VIC 3008
> 
> This email (including all attachments) is intended 
>solely for the named addressee. It is confidential and 
>may contain legally privileged information. If
> you receive it in error, please let us know by reply 
>email, delete it from your system and destroy any copies. 
>This email is also subject to copyright. No
> part of it should be reproduced, adapted or transmitted 
>without the written consent of the copyright owner.
> 
> Emails may be interfered with, may contain computer 
>viruses or other defects and may not be successfully 
>replicated on other systems. We give no
> warranties in relation to these matters. If you have any 
>doubts about the authenticity of an email purportedly 
>sent by us, please contact us immediately.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ