[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040428223535.GO30960@mars-attacks.org>
From: boklm at mars-attacks.org (nicolas vigier)
Subject: Top 15 Reasons Why Admins Use Security Scanners
On Wed, 28 Apr 2004, Joel R. Helgeson wrote:
>
> Top 15 Reasons Why Admins Use Security Scanners
>
> This list has been compiled by emailing various Security/Admin lists...
> Anyone care to offer their input - add to the list?
>
> -Am I sure that I have found all vulnerabilities in my network?
Unfortunately you cannot really be sure that you have no known
vulnerabilites in your network with most scanners.
Sometime if you use a scanner like nessus and have a network of
debian stable machines (or any other OS which doesn't upgrade
the version of a program when a vuln is found but instead backport
the fix in order to avoid problems with upgrade which change too
much things) you get too much false positive because nessus only
try to find the version and don't really test the vulnerability.
I think the right way to do it is to use a scanner which will use
an exploit to test the vulnerability. Unfortunately an exploit is
not always avaible for every vulnerability.
What scanner are you using ?
Powered by blists - more mailing lists