Vulnerability Scanning

• Previous message: Eric Paynter: "Re: Linux/Windows Authentication?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: pen-test@securityfocus.com
Date: Fri, 27 Feb 2004 11:38:57 -0800

lo all,
After reviewing some scan results and finding a number of false positives from nessus (primarly in XP hosts), I began to become a
bit more concerned than I already was.
This is in no way reflecting upon nessus's ability to find vulnerabilities and I truely believe all scanners have these issues.
The question is, what does everyone else do about this? Obviously scanners are never going to be 100% accurate. So I started
to think of ways of checking if these vulnerabilities exist or not. First using a known exploit obviously gives a more accurate
analysis, but known exploits aren't always available. Yes I can write my own for said vulnerability but sometimes this isn't
exactly
possible, for instance some vulnerabilities require a user to say click on a malicious link, which isn't always feasible when
testing 300 workstations. So what else can we do? Check the registry manually, this is an option but very time consuming, does
anyone actually do this??? At this point I believe I'm going to have to start trying. Does anyone simply say, some of these are
false positives and we can't do anything about it? I highly doubt a client will like to hear that. Also some vulnerabilities are
simply too dangerous, windows vulnerabilities in particular that can cause the host to reboot. Not every vulnerability is
perfectly
exploited. So what are the other options people use/feel comfortable with?
Thanks for any responses...
-wire
  

--
Visit Things From Another World for the best
comics, movies, toys, collectibles and more.
http://www.tfaw.com/?qt=wmf
---------------------------------------------------------------------------
----------------------------------------------------------------------------

• Previous message: Eric Paynter: "Re: Linux/Windows Authentication?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: Vulnerability Scanning ... After reviewing some scan results and finding a number of false positives ... This is in no way reflecting upon nessus's ability to find vulnerabilities ... and I truely believe all scanners have these issues. ... For more information on a proactive anti-virus service working around the clock, around the globe, visit: ... (Pen-Test) Re: Vulnerability Scanning ... > After reviewing some scan results and finding a number of false positives from ... > This is in no way reflecting upon nessus's ability to find vulnerabilities and I ... Nessus' thousands of checks. ... many folks don't use scanners. ... (Pen-Test) Testing an entire network for (client and server) vulnerabilities ... And most of the hosts on ... susceptible to certain vulnerabilities. ... the network contained vulnerable elements (applications, configurations, ... (comp.os.ms-windows.nt.admin.security) Re: Vulnerability Scanning ... After reviewing some scan results and finding a number of false positives from nessus (primarly in XP hosts), ... This is in no way reflecting upon nessus's ability to find vulnerabilities and I truely believe all scanners have these issues. ... false positives and we can't do anything about it? ... If you or your employer does ... (Pen-Test) Re: Going from bind9 to djbdns ... > My friend, who hosts most of my stuff, is using djbdns. ... BIND 9 is a whole different animal from BIND <=8, ... They do pesky things like find vulnerabilities in his code ... (freebsd-questions)