From owner-freebsd-security  Fri Mar 16 12:43:57 2001
Delivered-To: freebsd-security@freebsd.org
Received: from obsecurity.dyndns.org (adsl-63-207-60-202.dsl.lsan03.pacbell.net [63.207.60.202])
	by hub.freebsd.org (Postfix) with ESMTP id EDF3937B718
	for <freebsd-security@freebsd.org>; Fri, 16 Mar 2001 12:43:54 -0800 (PST)
	(envelope-from kris@obsecurity.org)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id 9F13F66B25; Fri, 16 Mar 2001 12:43:54 -0800 (PST)
Date: Fri, 16 Mar 2001 12:43:54 -0800
From: Kris Kennaway <kris@obsecurity.org>
To: Ashley Penney <ashp@unloved.org>
Cc: freebsd-security@freebsd.org
Subject: Re: What's vunerable?
Message-ID: <20010316124354.A98989@mollari.cthul.hu>
References: <3AB1DBF9.C721E3D6@vianetworks.co.uk> <20010316121158.A17693@daphne.unloved.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="wac7ysb48OaltWcw"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20010316121158.A17693@daphne.unloved.org>; from ashp@unloved.org on Fri, Mar 16, 2001 at 12:11:58PM +0100
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


--wac7ysb48OaltWcw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Mar 16, 2001 at 12:11:58PM +0100, Ashley Penney wrote:

> One suggestion I would have is to pop to www.nessus.org, and use the
> scanner they provide.  It can output reports in HTML and so forth, with
> pretty graphics for PHB's.  However, it can sometimes trigger false
> alarms so I'd run it against the boxes, and check the results by hand.
>=20
> [I've found this very useful when I suddenly get thrown into 500 boxes,
> all running different versions of OS's.]

Always be careful trusting the results of automated scanners, because
they can never contain a database of ALL known vulnerabilities, so
your system may have other problems than what's noted there.  It may
be useful as a backup to make sure you haven't missed anything,
though.

Kris

--wac7ysb48OaltWcw
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE6snsKWry0BWjoQKURAu9IAJ4znVXrVf2ST0kyvVICmENlR7wtTgCfdlSu
P7/S2BiRNrjjXh871TFS4Cw=
=aHJw
-----END PGP SIGNATURE-----

--wac7ysb48OaltWcw--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message