On Wed, 28 Apr 2004, Joel R. Helgeson wrote:

>
> Top 15 Reasons Why Admins Use Security Scanners
>
> This list has been compiled by emailing various Security/Admin lists...
> Anyone care to offer their input - add to the list?
>
> -Am I sure that I have found all vulnerabilities in my network?

Unfortunately you cannot really be sure that you have no known vulnerabilities in your network with most scanners. Sometimes, if you use a scanner like Nessus and have a network of Debian stable machines (or any other OS which doesn't upgrade the version of a program when a vuln is found but instead backports the fix in order to avoid problems with upgrades which change too many things), you get too many false positives because Nessus only tries to find the version and doesn't really test the vulnerability.

I think the right way to do it is to use a scanner which will use an exploit to test the vulnerability. Unfortunately an exploit is not always available for every vulnerability.

What scanner are you using?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
