We’ve had a lot of interest in PVS from the pen tester community.

As a sniffer, you should deploy it on a span port, but that isn’t always an 
option.

If you can deploy it on a heavily visited system, you can run it there. The PVS 
runs fine on SharePoint, Exchange, etc. and it will fingerprint and record the 
vulns of all systems that visit it over HTTP, SMB, etc.

The most ideal deployment of the PVS is with cooperation from the team you are 
doing the audit on. I’m obviously a big fan of PVS’s ability to find vulns, but 
what is more valuable is finding targets for the pen test including enumeration 
of all web sites, active but fire-walled hosts and management ports like SSH, 
SNMP & Telnet.

Ron


From: Larry Petty <[email protected]>
Reply-To: PaulDotCom List <[email protected]>
Date: Monday, December 23, 2013 at 6:57 PM
To: PaulDotCom List <[email protected]>
Subject: [Pauldotcom] Tenable PVS on a pen test


I'm a longtime Nessus user and love it. (I am forced to use Qualys for MSSP 
clients due to Tenable licensing, but that's a different topic.) I recently 
purchased a PVS license and have been using it with great success on security 
arch reviews and internal vulnerability assessments.

I know some are using PVS on pen tests. How is this being employed without the 
use of a network tap or span port? In my experience, most customers won't 
allow these on a pen test.

If only I had a sonic screwdriver.  :)

Sent from my Nexus 7
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
