Re: oracle VA/PT

From: Joshua Wright (jwright_at_hasborg.com)
Date: 09/28/05

  • Next message: ctg: "Re: Vulnerability assessment for small business" 
    Date: Wed, 28 Sep 2005 07:53:18 -0400
To: Michael Gargiullo <mgargiullo@pvtpt.com>

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Michael Gargiullo wrote:
    > I find it strange that nessus didn't even see an open port on 1421.

    Maybe because the default listener port is 1521?

    > There are a ***-load of Oracle plugins for nessus. More then 7 of them
    > are for remote shells.

    For Oracle VA scanning, I've had good experiences with the NGS SQuirreL
    product from NGSSoftware (http://www.ngssoftware.com/squirrelsql.htm).

    A free trial is available to test it out.

    - -Josh
    - --
    - -Joshua Wright
    jwright@hasborg.com

    2005-2006 pgpkey: http://802.11ninja.net/pgpkey.htm
    fingerprint: F00E 7A42 8375 0C55 964F E5A4 4D2F 22F6 3658 A4BF

    Today I stumbled across the world's largest hotspot. The SSID is "linksys".
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (MingW32)

    iD8DBQFDOoQtTS8i9jZYpL8RAjGyAKCRU7bODbC7joNE44vcfZnioYmeqACeItys
    dhBfcxIcPC/PH6wmJWKl0Xs=
    =wJSI
    -----END PGP SIGNATURE-----

    ------------------------------------------------------------------------------
    Audit your website security with Acunetix Web Vulnerability Scanner:

    Hackers are concentrating their efforts on attacking applications on your
    website. Up to 75% of cyber attacks are launched on shopping carts, forms,
    login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
    futile against web application hacking. Check your website for vulnerabilities
    to SQL injection, Cross site scripting and other web attacks before hackers do!
    Download Trial at:

    http://www.securityfocus.com/sponsor/pen-test_050831
    -------------------------------------------------------------------------------

  • Next message: ctg: "Re: Vulnerability assessment for small business"