----- Original Message ----- From: "Alvin Oga" <[EMAIL PROTECTED]> To: "John" <[EMAIL PROTECTED]> Cc: "Salah Nassar" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: April 24, 2002 5:53 PM Subject: Re: PC vulnerability check
> hi ya Hi Alvin. > salix seems to have 69 remote exploits included in its tools.. > but think there were over 700(?) rootkits ??? > and countless xx,000 exploits... Well, seeing as "Remote Access Session" is only in the 0.7 beta stage I wouldn't expect much from it at this time. It's one of the only PUBLIC scanners I have seen use automatic exploitation. These tools have been privately available for a while, but never to the public and never with this much effort put into them. > <rant> > doing a portscan like nessus/nmap is sorta worthless ??? > - it doesnt matter that port 25 is open on your mail server > - it doesnt matter that port 80 is open on your web server How are you going to know what services are open to the outside? I don't want to connect to every service manually to grab a banner when I can port scan a domain to see what services are available to me. Nessus isn't a port scanner. Nessus is a full blown vulnerability scanner that has port scanning capabilities. Also, port scans have revealed weaknesses in routers, switches, and services. Just take a look at some of the advisories that Cisco has published in the last three years ;) > > On Wed, 24 Apr 2002, John wrote: > > > NSAT and RACCESS are very interesting. I think Nessus is the best out of all > > the listed scanners below. > > > > Freeware > > http://www.nessus.org/ > > http://www.gfi.com/lannetscan/index.htm > > http://mixter.warrior2k.com/nsat-1.41.tar.gz > > http://www.salix.org/raccess > > > > Commercial > > http://www.eeye.com/html/Products/Retina/index.html > > http://www.iss.net/products_services/enterprise_protection/vulnerability_ass > > essment/index.php > > > > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > For Account Management (unsubscribe, get/change password, etc) Please go to: > http://lists.gnac.net/mailman/listinfo/firewalls > _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
