RE: QualysGuard

From: Aurélien Cabezon (aurelien.cabezon_at_isecurelabs.com)
Date: 08/27/04

  • Next message: Kurt: "RE: Huge Live Linux Boot CDs" 
    To: "'DeGennaro, Gregory'" <Gregory_DeGennaro@csaa.com>
Date: Fri, 27 Aug 2004 22:00:39 +0200

     
     | It is a good product, except all your data is kept in a "secure"
     | repository back at their HQ.

    Maybe more secure than a box on the company's network...
    What append if such a box get hacked ?

     |The good thing about this is
     | you can access your box indirectly from anywhere and view
     | the results. The draw back, is that Qualys could gain
     | access to your data as well as a hacker
     | (cracker) who had gained access into the Qualys network.

    Datas are encrypted with the customer's password as encryption key.
    Qualys's customers can also access their datas with a SecureID authentification.
     
     | The appliance will push data to the web portal after each scan.

    Threw an ssl tunnel.

    Regards,

            Aurélien Cabezon

    ------------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. All of our class sizes are
    guaranteed to be 12 students or less to facilitate one-on-one interaction
    with one of our expert instructors. Check out our Advanced Hacking course,
    learn to write exploits and attack security infrastructure. Attend a course
    taught by an expert instructor with years of in-the-field pen testing
    experience in our state of the art hacking lab. Master the skills of an
    Ethical Hacker to better assess the security of your organization.

    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    -------------------------------------------------------------------------------

  • Next message: Kurt: "RE: Huge Live Linux Boot CDs"

    Relevant Pages

    • Re: [Full-disclosure] What is wrong with schools these days?
      ... Because a lot of open-source bozos run around claiming unix is more secure than Windows. ... So a lot of clueless people think that, if they just set up a RedHat box, they won't have anything to worry about. ... The last five were two Macs and three RedHat boxes. ... It means, until the general public understands the problem and knows what the solution is, hacking will continue apace with no sign of letting up. ...
      (Full-Disclosure)
    • RE: Which Windows OS is Safest
      ... Which Windows OS is Safest ... "most secure Lose-Doze OS" ... ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ...
      (Security-Basics)
    • RE: NAT external/Public IP
      ... With PAT private IP addresses are hidden from the outside world. ... This basically makes the job of hacking into a system more difficult, because the original host's IP address and source port is unknown. ... staff PC's. ... Any alternative is most definitely less secure. ...
      (Security-Basics)
    • Re: hackers
      ... What are you currently doing to secure your computer? ... What operating system ... > There's a local girl here in town who keeps hacking into ... I get no cooperation from anyone. ...
      (microsoft.public.win2000.security)
    • Re: What is it?
      ... "Vista is finally secure from hacking. ... No one is going to 'hack' ... the product activation and try and steal the o/s. ...
      (rec.puzzles)