Re: Scanning tools

Tue, 18 Apr 2000 12:36:19 -0700 

I haven't played with CyberCop but I use Nessus all the time. It's a 
fine program. As for Nmap how can anybody be without it?

http://www.nessus.org
http://www.insecure.org   <-- nmap


>Tim,Carric,
>
>Where can I find nessus and nmap. Also, has anybody ever used or is 
>familiar with CyberCop Scanner from Network Associates(www.nai.com). 
>It seems to be quite loaded, and may be even an overkill and cost 
>too much.
>
>Thanks,
>ali
>
>>>>  Tim Sailer <[EMAIL PROTECTED]> 04/18/00 10:09AM >>>
>On Tue, Apr 18, 2000 at 09:57:41AM -0400, Carric Dooley wrote:
>>  I want to do something like this with a Linux box.  You could use 
>>a combination of something like Argus (I think that's what it's 
>>called... look at www.opensec.net).. it detects new MAC's on the 
>>network.   You could use it in tandem with nmap and get what you 
>>are trying to achieve.  I want to partner that with some kind of 
>>DoS tool  (like the RST daemon in hunt) so if a user brings up a 
>>DHCP server on one of my nets, every packet he transmits gets hit 
>>with RST's...
>
>Argus, or arpwatch, or anything like that won't really work across our
>switched network. We have roughly 6500 devices hanging on a /16 IP block.
>I can get the MACs from the 5 main routers. I guess I can use the batch
>mode of nessus, which I never knew existed! I was too concentrated on the
>GUI. I'm plopping all the MACs, associated IPs, and FQDN into a database,
>and running through that every 10 minutes. That window may be too large, but
>it's a start, until I can get this worked out.
>
>Thanks,
>Tim
>
>--
>  (work) [EMAIL PROTECTED] / (home) [EMAIL PROTECTED] - http://www.buoy.com/~tps
>     Lord, grant me the serenity to accept the things I cannot change,
>     the courage to change the things I can, and the wisdom to hide the
>     bodies of the people I had to kill because they pissed me off - Anon.
>** Disclaimer: My views/comments/beliefs, as strange as they are, 
>are my own.**
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Reply via email to