Stephen Bradley wrote: > > Isn't that kind of the reason to run the scan in the first place? > > To what is open..................
To see what is vulnerable...but without making yourself vulnerable. If the scanner tries all the passwords on every box, those boxes may have access to at least a hash of the password. Are they all trusted? Similarly, how trusted is the communications path between the scanner and the scannee? If clear-text passwords are being passed around... -- Gary Flynn Security Engineer - Technical Services James Madison University Please R.U.N.S.A.F.E. http://www.jmu.edu/computing/runsafe
