From owner-freebsd-questions@FreeBSD.ORG Thu Oct 25 23:47:02 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 68A8116A41A for ; Thu, 25 Oct 2007 23:47:02 +0000 (UTC) (envelope-from ghirai@ghirai.com) Received: from iota.fastbighost.com (iota.fastbighost.com [65.98.8.190]) by mx1.freebsd.org (Postfix) with ESMTP id 3263513C4B0 for ; Thu, 25 Oct 2007 23:47:01 +0000 (UTC) (envelope-from ghirai@ghirai.com) Received: from [89.123.57.184] (port=63262 helo=deimos.bsd.nix) by iota.fastbighost.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.68) (envelope-from ) id 1IlBsP-0000ok-24; Thu, 25 Oct 2007 23:12:33 +0000 Date: Fri, 26 Oct 2007 02:12:02 +0300 From: Ghirai To: "Bahman M." Message-Id: <20071026021202.5d0ec4eb.ghirai@ghirai.com> In-Reply-To: <20071025142940.38333356@attila> References: <20071025142940.38333356@attila> X-Mailer: Sylpheed 2.4.7 (GTK+ 2.10.14; i386-portbld-freebsd6.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-PopBeforeSMTPSenders: ghirai@ghirai.com X-Antivirus-Scanner: Clean mail though you should still use an Antivirus X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - iota.fastbighost.com X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - ghirai.com X-Source: X-Source-Args: X-Source-Dir: Cc: freebsd-questions@freebsd.org Subject: Re: Software Vulnerability Scanner X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Oct 2007 23:47:02 -0000 On Thu, 25 Oct 2007 14:29:40 +0330 "Bahman M." wrote: > Hi all, > > I'm starting my career as a security analyst and I'd like to know if > there are any vulnerability scanners -Blackbox or Whitebox- available for FreeBSD, in > particular for Java applications. > > There are some softwares out there, e.g. HailStorm or SourceScope > however most of them are commercial and AFAIK there are only Windoze > versions. > > Any suggestion or pointer is highly appreciated. TIA, > In lack of a more specific question, i'd say start with /usr/ports/security/nessus. Generally these tools perform poorly on windows, mostly because of the crappy network stack. -- Regards, Ghirai.