Date: Fri, 16 Mar 2001 12:43:54 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Ashley Penney <ashp@unloved.org> Cc: freebsd-security@freebsd.org Subject: Re: What's vunerable? Message-ID: <20010316124354.A98989@mollari.cthul.hu> In-Reply-To: <20010316121158.A17693@daphne.unloved.org>; from ashp@unloved.org on Fri, Mar 16, 2001 at 12:11:58PM %2B0100 References: <3AB1DBF9.C721E3D6@vianetworks.co.uk> <20010316121158.A17693@daphne.unloved.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--wac7ysb48OaltWcw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Mar 16, 2001 at 12:11:58PM +0100, Ashley Penney wrote: > One suggestion I would have is to pop to www.nessus.org, and use the > scanner they provide. It can output reports in HTML and so forth, with > pretty graphics for PHB's. However, it can sometimes trigger false > alarms so I'd run it against the boxes, and check the results by hand. >=20 > [I've found this very useful when I suddenly get thrown into 500 boxes, > all running different versions of OS's.] Always be careful trusting the results of automated scanners, because they can never contain a database of ALL known vulnerabilities, so your system may have other problems than what's noted there. It may be useful as a backup to make sure you haven't missed anything, though. Kris --wac7ysb48OaltWcw Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6snsKWry0BWjoQKURAu9IAJ4znVXrVf2ST0kyvVICmENlR7wtTgCfdlSu P7/S2BiRNrjjXh871TFS4Cw= =aHJw -----END PGP SIGNATURE----- --wac7ysb48OaltWcw-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010316124354.A98989>