Hello Adrian,
We use Languard NSS. Although I think it is a very good tool it does have a tendency to return some false positives - like many tools - (particularly around open ports) and seems a tad bit sensitive on reporting vulnerability level (if you did not know what you where doing you may think your machine is highly vulnerable when it may not be). I too have seen it report some open ports that were not really open and report ports that belonged to legitimate services as possibly being a Trojan. Again, I think it is a very good tool (it can also assist in patch management and network and software auditing) as long as you follow-up on its reporting. This is just another example of why you cannot rely on tools alone to secure your network. Jody _____ From: [email protected] [mailto:[email protected]] On Behalf Of Adrian Crenshaw Sent: Friday, May 15, 2009 10:02 PM To: PaulDotCom Security Weekly Mailing List Subject: [Pauldotcom] Opinions on GFI LANguard I've been playing with GFI LANguard. I did a scan of one of my boxes, and it say I have something like 19 different "Open ports commonly used by Trojans". I did an "nmap -p 0-65535" and did not find and of the ports open that LANGuard reported. I plan to do an AV sweap next, but does anyone have any experiance with LANGuard? Is it prone to false positives? Thanks, Adrian No virus found in this incoming message. Checked by AVG - www.avg.com Version: 8.5.325 / Virus Database: 270.12.30/2115 - Release Date: 05/15/09 17:55:00
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
