On 15 Feb 2002 05:20 PM, Alvin Oga wrote: > its nice that nmap says that port 25 is open for your mail server... > but ... i'd like it to tell me that sendmail/exim is vulnerable or not > ( at least the latest/greatest version with latest/greatest buggs )
AFAIK, the SecuritySpace scanner is the only one online that will actually examine the ports open then run vulnerability tests against those. In fact they're adding new ones all the time. As for HackerWhacker, it seems to give you some basic info based on services running that are historically dangerous IIRC. Regarding nmap, yeah it doesn't tell you a whole lot about how to exploit the box, just where to start. Guess someone should have mentioned that. ;) Then again Nessus looks like it does, but I haven't used it. Speaking of exim, your wish may come true. ;) Jeff Bonner
