Re: Security scanning tools

From: Chris Burton (cyberhiker99_at_yahoo.com)
Date: 12/15/03

  • Next message: Mitchell Rowton: "Re: DMZ and AD Authentication"
    Date: Mon, 15 Dec 2003 11:38:33 -0800 (PST)
    To: Jack Solomon <solzjack43@hotmail.com>
    
    

    I would try out SecurityExpressions from Pedestal
    Software. They put out an MS-Fixes file every time
    that Microsoft releases an update. It will require
    you to have admin access on the target. However, the
    upside is that you can right-click and fix it on the
    spot.

    We have had good success with it on many machines
    here. We also run ISS Internet Scanner, and have
    accepted the fact that all scanners cannot reliably
    report whether a machine is patched or not.

    Regards,
    Chris

    --- Jack Solomon <solzjack43@hotmail.com> wrote:
    >
    > All
    >
    > I'm currently testing new scanning tools to replace
    > nessus. I ran ISS System Scanner and Micro$oft Baseline
    > Security Analyst on a win2000 box and compared the
    > results to the regular nessus scan. Each product
    > reports different things...
    >
    > - Nessus says everything is cool
    > - MS BSA reports that patch ms02-032 has not been
    >   applied
    > - System Scanner finds a nonexistent modem, no virus
    >   software (as if!) but no patches
    >
    > When I log on to the machine and try to run the MS
    > update routine through IE, it reports no patches to be
    > applied. Am I going crazy or using the tools wrong?
    > Surely they should all report the same vulnerabilities?
    >
    > My questions to the group are:
    > 1. What tool[s] should I look to buy that correctly
    >    reports security vulnerabilities with the least
    >    false positives?
    > 2. Are false positives a known [feature] of all
    >    scanning tools?
    >
    >
    > Jack
    >
    >

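The thread's core problem is three scanners giving three answers about one patch. The following added example (not code from either poster or from any of the products named) reconciles per-patch findings from several scanners, ranking credentialed (admin-access) checks above remote, unauthenticated inference and flagging anything that still disagrees for a manual check on the host; the host name, statuses and the second patch id are constructed.

```python
from collections import defaultdict

# Constructed sample findings for one Windows 2000 host, modelled on the
# thread: three scanners disagree about MS02-032. Scanner names come from
# the thread; host name, statuses and the second patch id are invented.
FINDINGS = [
    {"scanner": "Nessus", "host": "win2k-01", "patch": "MS02-032",
     "status": "present", "credentialed": False},
    {"scanner": "MBSA", "host": "win2k-01", "patch": "MS02-032",
     "status": "missing", "credentialed": True},
    {"scanner": "ISS System Scanner", "host": "win2k-01", "patch": "MS02-032",
     "status": "present", "credentialed": True},
    # Placeholder patch id seen only by a remote, unauthenticated check.
    {"scanner": "Nessus", "host": "win2k-01", "patch": "MS-PLACEHOLDER",
     "status": "missing", "credentialed": False},
]


def reconcile(findings):
    """Return {(host, patch): (status, confidence)}.

    Rules, in order: credentialed (admin-access) checks outrank remote
    inference; if credentialed scanners disagree with each other the
    result is a conflict to be settled on the host itself; remote
    findings with no credentialed confirmation are flagged as unverified.
    """
    grouped = defaultdict(list)
    for f in findings:
        grouped[(f["host"], f["patch"])].append(f)

    verdicts = {}
    for key, group in grouped.items():
        cred = {f["status"] for f in group if f["credentialed"]}
        remote = {f["status"] for f in group if not f["credentialed"]}
        if len(cred) > 1:
            verdicts[key] = ("conflict", "credentialed scanners disagree; check host")
        elif cred:
            verdicts[key] = (cred.pop(), "credentialed")
        elif len(remote) == 1:
            verdicts[key] = (remote.pop(), "remote only; unverified")
        else:
            verdicts[key] = ("conflict", "remote only; unverified")
    return verdicts


if __name__ == "__main__":
    for (host, patch), (status, confidence) in sorted(reconcile(FINDINGS).items()):
        print(f"{host} {patch}: {status} ({confidence})")
```

With the sample data, MS02-032 comes out as a credentialed conflict (MBSA vs. System Scanner) rather than as either scanner's answer, which is the case that only a check on the machine can settle.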


