Re: Application Security Scanning
From: Andrew Simmons (asimmons_at_messagelabs.com)
Date: 11/25/05
- Previous message: Franck Veysset: "Re: Identifying whether 2 IPs are from the same server"
- Maybe in reply to: adam.hirsch_at_drkw.com: "Application Security Scanning"
- Next in thread: Frederic Charpentier: "Re: Application Security Scanning"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 25 Nov 2005 16:50:44 +0000
hi Adam,
adam.hirsch@drkw.com wrote:
> I was hoping to see if anyone has heard of an application security scanner
> that scan scan non-web based applications. So far, the only automated tools
> that I have been able to find are source code security scanners. Has anyone
> heard of an application that can scan non-web based apps?
>
As far as I know, only scanners that are specifically intended for web
apps (such as Nitko) don't work against 'non-web' apps. Certainly
Nessus, Retina, Nmap et al all work fine against non-web apps, as long
as they have a network interface.
I'm a bit puzzled by the question, actually. By "non-web" do you mean
"not using HTTP over port 80/443"? Or "apps that don't use the network"?
cheers
\a
-- Andrew Simmons Technical Security Consultant MessageLabs - Be certain -- Andrew Simmons Technical Security Consultant MessageLabs Mobile: +44 (7917) 178745 asimmons@messagelabs.com www.messagelabs.com MessageLabs - Be certain ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
- Previous message: Franck Veysset: "Re: Identifying whether 2 IPs are from the same server"
- Maybe in reply to: adam.hirsch_at_drkw.com: "Application Security Scanning"
- Next in thread: Frederic Charpentier: "Re: Application Security Scanning"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
