[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] security analyzer and scanner
Ra ra shish boom ba. I like nessus, but I like accountability and so being that I try not to be biased, I would choose to use Nessus in conjunction with other commercial products. I've found that things the commercial products have are sometimes left out of the freeware, and vice versa. Also, I have seen where many scanners that do denial of services can cause a rebuild. If windows is writing to a particular OS file it may get into a state where a rebuild is neccessary. Either way its a moot point since you both are correct. Be careful with your probes! BTW- Tissue paper in hotels is free, but they don't allways have the two ply. :) -=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=- Larry Pingree Sr. Security Consultant Email: [email protected] SiegeWorks Company WebSite: http://www.siegeworks.com/ Security Installation, Training and Consulting -=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=- ----- Original Message ----- From: Chontzopoulos, Dimitris <[email protected]> To: <[email protected]>; <[email protected]> Sent: Friday, July 20, 2001 1:50 AM Subject: RE: [FW1] security analyzer and scanner > > I allready know that and that is why you should first get to know with the > exploit and exploit afterwards (DO NOT shoot FIRST and ask questions later). > Yes... I agree with you. It is dangerous. But i just can't believe you had > to re-install the W98 machine all over again. I use Nessus for 3 months now > and since then i used it against W95B, W98, W98SE, WIN NT 4 WRK SP3, WIN NT > 4 WRK SP4, WIN NT 4 WRK SP5, WIN NT 4 WRK SP6, WIN NT 4 WRK SP6a and allmost > all the Server Products (including 2 Interactive Unix machines and Nessus > itself). The only BAD thing happened was that i HAD to re-boot the damn > machines to clean them up (you must have noticed the existence of "Nessus" > directories in the HD of the machines attacked). So... Yes... IT IS A LITTLE > BIT DANGEROUS... But it is also freeware... It just can't (in my humble > opinion) FUBAR (remember Tango and Cash???) the PC's you exploit... > Reporting is gorgeous... Exploits come up all the time. Upgrading don't cost > a thing. The decision is up to you. You can install Nessus (cost is just a > PIII 450MHz, 128MB RAM, 4GB HDD, SVGA 1024x768 16K) or you can > install.............. Whatever... Personally... I LOVE NESSUS. WAY TO GO > NESSUS TEAM!!! > > > > Kind Regards, > > > > > Dimitris Chontzopoulos > IS Administrator > > > > Megatrust Securities S.A. > 4, Kapsali Str. > Athens, Greece > Telephone : +3 01 7262403 > Fax : +3 01 7262095 > e-mail : [email protected] > > IT Help Desk Support : +3 01 7262400 > > DISCLAIMER > ----------------------------------------------------------------- > - This message is intended only for the use of the person(s) - > - ("Intended Recipient") to whom it is addressed. It may - > - contain information, which is privileged and confidential. - > - Accordingly any dissemination, distribution,copying or - > - other use of this message or any of its content by any person - > - other than the Intended Recipient may constitute a breach of - > - civil or criminal law and is strictly prohibited. If you are - > - not the Intended Recipient, please contact the sender as soon - > - as possible. - > ----------------------------------------------------------------- > > > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] > Sent: Wednesday, July 18, 2001 7:12 PM > To: [email protected] > Subject: RE: [FW1] security analyzer and scanner > > > > I agree, that Nessus is a great scanner and beats most others hands down. I > just wanted to warn you that using Nessus there is an option of using or not > using dangerous plugins. IT MEANS DANGEROUS !!!! I enabled all plugins > once and did a scan on a win98 box. It screwed the box up beyond > recognition. The drive had to be fdisked. > > FYI > > Marty > > -----Original Message----- > From: Chontzopoulos, Dimitris [mailto:[email protected]] > Sent: Tuesday, July 17, 2001 9:12 AM > To: [email protected]; '[email protected]' > Subject: RE: [FW1] security analyzer and scanner > > > > Install a Linux Machine (i am using Mandrake 8.0) and download Nessus from > http://www.nessus.org . You will find out that even free software can beat > the ass out of MAJOR software houses. Best of all... IT IS FREEWARE (GNU) > and you can install your own exploits or update it's database. I am using it > on regular basis (that is everyday...)... ;-). You can also take a look at > http://www.vulnerabilities.org where you can scan against your machines and > have a look at Nessus in action. > > > > Kind Regards, > > > > > Dimitris Chontzopoulos > IS Administrator > > > > Megatrust Securities S.A. > 4, Kapsali Str. > Athens, Greece > Telephone : +3 01 7262403 > Fax : +3 01 7262095 > e-mail : [email protected] > > IT Help Desk Support : +3 01 7262400 > > DISCLAIMER > -------------------------------------------------------------------------- -- > --------- > - This message is intended only for the use of the person(s) > ("Intended - > - Recipient") to whom it is addressed. It may contain information, > which is - > - privileged and confidential. Accordingly any dissemination, > distribution, - > - copying or other use of this message or any of its content by any > person - > - other than the Intended Recipient may constitute a breach of civil > or - > - criminal law and is strictly prohibited. If you are not the Intended > - > - Recipient, please contact the sender as soon as possible. > - > -------------------------------------------------------------------------- -- > --------- > > > > -----Original Message----- > From: [email protected] [mailto:[email protected]] > Sent: Monday, July 16, 2001 6:18 AM > To: [email protected] > Subject: [FW1] security analyzer and scanner > > > > > Does anyone know about SAINT and webtrends security analyzer? > I am now looking into security scanner. Any other recommendation are also > welcomed. > > Thanks > Jin > > > > > > ============================================================================ > ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ > ==== > > > ============================================================================ > ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ > ==== > > > ============================================================================ > ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ > ==== > > > ============================================================================ ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== > > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|