Quoting Albert Warnecke ([EMAIL PROTECTED]):

> Then I find out, what my IP-address is and scan this IP with Nessus. 

Nessus will not tell you anything about a router's security. It'll
tell you a lot about the presence of already known vulnerabilities,
but nothing about how secure (or better, insecure) such a router is.

> Is this a good idea that will yield relevant results? Did I miss something? Any
> suggestions for improvements?

You missed the pen-test side of it. Vulnerability enumeration is but a
small part of the pie.

It's - to mention something we are both familiar with :) - like
running Nessus against a Zope server. Or, even worse, one of the other
commercial products. None of them knows about Hotfixes - simply
because Zope has such a small 'Marketshare' (it still rocks, though).
How about weak passwords, predictable passwords, backdoors? Nessus does
not address them, and was never meant to.

Netopia, FlowPoint, Cayman, they all have and had their share of bugs
and vulnerabilities, most of them undetectable through simple
vulnerability enumeration but easily found through diligent research
and a good portion of curiosity applied to common knowledge.

Let me not be misunderstood here - Vulns found by Nessus are a serious
concern, simply because they're the most likely ones to be found and
exploited. There's gazillions of twelve-year-olds out there who have
nothing better to do than run Nessus against random netblocks after
school, but that's only a small fraction of what pen-tests are all
about.

jonas
