Re: Vulnerability assessment for small business

From: Ivan . (ivanhec_at_gmail.com)
Date: 09/30/05

  • Next message: gustavog_at_grupoitpro.com.ar: "Citrix Metaframe Presentation Server bypassing policies"
    Date: Fri, 30 Sep 2005 13:47:04 +1000
    To: Billy Dodson <billy@pmicromart.com>
    
    

    Hit the joint with GFI LANguard Network Security Scanner (N.S.S.)

    http://www.gfi.com/languard/

    cheers
    Ivan

    On 9/28/05, Billy Dodson <billy@pmicromart.com> wrote:
    >
    >
    > When doing a vuln assessment for a small business (25 PC's, no server)
    > which is using a peer-to-peer windows network, how do you approach this?
    > Say the customer has a firewall...but they don't host any services. All
    > of the PC's have local usernames and passwords that vary from machine to
    > machine. There is no one single administrator account across the board,
    > and you have little time. So you cant run many automated tools to check
    > patch levels and what not because you cant get remote access to the
    > registry. There are no services to be tested from the outside. Do you
    > manually go to each machine and test them individually? Of course you
    > can run null scans on the LAN, but that is not going to provide the
    > depth you need. Any ideas and pointers would be great.
    >
    > ------------------------------------------------------------------------------
    > Audit your website security with Acunetix Web Vulnerability Scanner:
    >
    > Hackers are concentrating their efforts on attacking applications on your
    > website. Up to 75% of cyber attacks are launched on shopping carts, forms,
    > login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
    > futile against web application hacking. Check your website for vulnerabilities
    > to SQL injection, Cross site scripting and other web attacks before hackers do!
    > Download Trial at:
    >
    > http://www.securityfocus.com/sponsor/pen-test_050831
    > -------------------------------------------------------------------------------
    >
    >

    ------------------------------------------------------------------------------
    Audit your website security with Acunetix Web Vulnerability Scanner:

    Hackers are concentrating their efforts on attacking applications on your
    website. Up to 75% of cyber attacks are launched on shopping carts, forms,
    login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
    futile against web application hacking. Check your website for vulnerabilities
    to SQL injection, Cross site scripting and other web attacks before hackers do!
    Download Trial at:

    http://www.securityfocus.com/sponsor/pen-test_050831
    -------------------------------------------------------------------------------


  • Next message: gustavog_at_grupoitpro.com.ar: "Citrix Metaframe Presentation Server bypassing policies"

    Relevant Pages

    • RE: What ever happened to the Netbios share scanner utilities?
      ... It needs a list of servers, ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Cross site scripting and other web attacks before hackers do! ...
      (Pen-Test)
    • RE: New article on SecurityFocus
      ... the vector doesn't exploit vulnerabilities... ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, ... login pages, dynamic content etc. Firewalls, SSL and locked-down servers ...
      (Pen-Test)
    • RE: Correlating an IP address with a phone number
      ... Most dial-in servers store the caller-ID info in the MIB. ... MIB and get both the IP address and phone number of a user. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, ...
      (Pen-Test)
    • RE: Designing Network Security
      ... network design since we are the ones who actually test the stuff out there ... web servers since a large majority of the ones I've run across doing ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping ...
      (Pen-Test)
    • RE: superscan on win2k vs winxp
      ... >Audit your website security with Acunetix Web Vulnerability Scanner: ... >Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ... login pages, dynamic content etc. Firewalls, SSL and locked-down servers ...
      (Pen-Test)