[Full-Disclosure] Top 15 Reasons Why Admins Use Security Scanners

From: Joel R. Helgeson (joel_at_helgeson.com)
Date: 04/28/04

  • Next message: Sandro Gauci: "RE: [Full-Disclosure] ezine"
    To: <full-disclosure@netsys.com>
    Date: Wed, 28 Apr 2004 02:36:17 -0500
    
    

    Top 15 Reasons Why Admins Use Security Scanners

    This list has been compiled by emailing various Security/Admin lists...
    Anyone care to offer their input - add to the list?

    -Am I sure that I have found all vulnerabilities in my network?
    -Have I configured my network properly?
    -Am I finding and closing security holes fast enough?
    -How do I know which machines have a missing patch?
    -Are we resistant enough to network-savvy viruses that spread via known
    exploits?
    -Are we in compliance with HIPAA, Sarbanes-Oxley and other regulations?
    -What have I missed in locking down a server or environment?
    -Do I have my network perimeter and interior sufficiently protected?
    -Have I identified and protected my network resources from external threats?
    -Do I know which systems are now well protected?
    -How vulnerable are we from the inside?
    -How will I ever pass my IT Security Audits?
    -How do I locate computers on my network, that are not within compliance?
    -How do I report to Management that we have done all we could to lock down?
    -How do I detect unknown and/or rogue devices/connections?

    Joel R. Helgeson
    Director of Networking & Security Services
    SymetriQ Corporation

    "Give a man fire, and he'll be warm for a day; set a man on fire, and he'll
    be warm for the rest of his life."

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Sandro Gauci: "RE: [Full-Disclosure] ezine"