According to Mandy Andress:
http://www.nwfusion.com/reviews/2002/0204bgrev.html
This article states that the following vulnerabilities are not found by Nessus:
-Domain Controller Request DoS
-Malformed RPC Packet
-Packaging Anomaly
-Virtualized UNC Shares
-Malformed WebDAV Attack
-wu-ftpd format string debug set
-wu-ftpd file globbing
-sendmail maillocal
-OpenSSH UseLogin
Someone tell me this is BS before I do the research myself. The article also states that NetIQ and NetRecon found 2065 and 762 identified vuls in their test environment... Now I know this is BS, many scanner manufacturers, like ISS, I know for a fact give different labels to multiple signatures when in fact they are just variants to one attack giving the purchaser the idea it finds more.
Anyone's feedback is welcome!
Troy Perkins
Information Security Analyst
S1 Community and Regional eFinance Solutions Group
(512) 336-3152 (p)
(512) 336-3250 (f)
visit us at <<http://www.s1.com/>>
Delivering the Compelling eFinance Experience
--------------------------------------------------------------------
LEGAL NOTICE: OBLIGATION OF CONFIDENTIALITY
The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone
else is unauthorized. If you are not the intended recipient, any
disclosure, copying, distribution or any action taken or omitted to be taken
in reliance on it, is prohibited and may be unlawful.
--------------------------------------------------------------------
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
mQGiBDxVe3IRBADsTVZLua1guipy+d5m7EHKQTvt3mSfDpbuyuZs7JMm7i0TgHTo
nwnQe1cWmAC+EacNoSYS1HrSf9KE9eFzN3ampI0HEyJ2f3WFGiK0aNYeOJvISh5A
ds6V1MNFMFybcvYdXtQ/g9qOW/4nQ+eefEnoXLrwrdXpSFaP6L3kE1M9OQCg/5Fn
umL+xzHPKjaav/RmhIyUVfMD/1KMQbi5zmzK/7nICkY/oyVv1+612tczbsJhR3wV
FsO2S9T6SSfWl7ivYGyLrRBGJczcn+c30V3/p+vAHwozrguQosKFajStyYaO3JID
xBEe2izrG9PvIDr24wf9is/9f0ERv2B1zvHrOjcsw34DQrJtrhg8rxsPHjUT/dMG
6bfNA/0fkOJfUgh/y2CtJAhgxJnzzC41UXNA/25ce48SOtksapS8JYImdpx1ln9N
ADKa6jKw2pQTkKAluDwY0a+ZCt2R+WbJtnIto9uxLjg2D9mQpDMgh1mTuejt6JFR
jrier8S2DRynqLJT0P13937RVJPeLXTl8Wd3tHAP0bDXlDfJorQlVHJveSBTLiBQ
ZXJraW5zIDx0cm95LnBlcmtpbnNAczEuY29tPokATgQQEQIADgUCPFV7cgQLAwIB
AhkBAAoJECVXDuiyYRUvXrgAoPBZysxU/KEc8pm93DBQz/eu3x6+AKDo3WLboUML
Z9XhcUffDaUzjGmnc7kBjQQ8VXtyEAYA+PVZX9x2Uk89PY3bzpnhV5JZzf24rnRP
xfx2vIPFRzBhznzJZv8V+bv9kV7HAarTW56NoKVyOtQa8L9GAFgr5fSI/VhOSdvN
ILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsYjY67VYy4XTjTNP18F1dD
ox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsCRtMI
PWakXUGfnHy9iUsiGSa6q6Jew1XpWHxHAAICBgCXJStvD7pmGlXAMniqsp6tv9Xj
7HXhJiODL6iCmBIKzvrkMLkjFcoRz7eT4//ru6Gs/1sYL3AW25gBkb82yVjJ81VW
kIS8FLxKAuqpl55vZR+Qae/vYT5Jv8J17zcl8PKqMRfBSXJ7EVTq3v/VyEnQv0j6
vWKnj9wppCTflAcoVYVjGElfVqidVtHwTynVsszvuS1K0V3tdMU0OCMli/ChhtMZ
lRExqNiedLyzM2U31/PgUuzGObiAbZI0PxatOE6JAEYEGBECAAYFAjxVe3IACgkQ
JVcO6LJhFS911gCcCzZPOVZWwDyVr3tdt6m0YyApnuAAmQEH5fm/hc4Dm98obs8a
06HteGIk
=gbrO
-----END PGP PUBLIC KEY BLOCK-----
