On Thu, Aug 29, 2002 at 12:48:54PM +0200, Jerome Iffrig wrote:
> I would like to do it as if I was someone from the outside - However I
> have installed NESSUS on the server machine which runs the firewall - As
> far as I understand Nessus cannot operate properly in this environment.
It will operate properly, although it will see more things than what are
actually available (if your firewall blocks all incoming connections
but you still run a vulnerable lpd or whatever, Nessus will see that
although an attacker would not).
> So, what is the recommended approach for the tests I want to do?
Test it and upgrade everything anyway, even if not available from the
outside. If you can't break into that host from the inside, odds are
that it will be difficult to do from the outside.
-- Renaud
-
[EMAIL PROTECTED]: general discussions about Nessus.
* To unsubscribe, send a mail to [EMAIL PROTECTED] with
"unsubscribe nessus" in the body.
