> nmap 2.12 is out, and free. It's a program that took the best of
> satan, and other scanners, added some other bells and whistles,
> and put it all in a nice tight package. But you will need tripwire
> or something similar, too.
Actually, nmap doesn't scan for vulnerabilities (the closest thing it does
it locate
ident servers). It's a network mapping tool which will locate all the active
hosts
on scanned network and report back services per various protocols (tcp,
udp...). 2.12 has the very cool function of tcp/ip fingerprinting, and it
comes
with a well developed host database, so it knows about pretty much
everything
it finds. It's fairly accurate too. I benchmarked it against visio
enterprise's
auto-discovery technology, which uses snmp as opposed to identification of
return packets (statistically, not many hosts respond to snmp), and nmap has
some definite performance advantages. By intergrating it with an msql
database and cgi, you can create quite the network inventory manager. It
even has a
built in comma delimited logging option. Its also....free.
> nmap is available at http://www.insecure.com/
Actually, nmap is available at www.insecure.ORG
insecure.com just gives me some banner ad...
Matt
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
