[snip]
My research indicated that the threat was greatest from
insiders, so my suggested approach was to require that the scans be ran
from inside the network ( specifically behind the firewall.)
Other will argue that the scans should be ran from outside the
firewall since the threats are mainly external.
[snip]
I agree with most of the thoughts on this thread, but thus far the replies
have all missed a very critical point. When considering external or
internal scanning, the real answer is BOTH.
A network device (router, IDS, whatever), or even the target host, may
react very differently depending on the source of the scan and the
architecture of the network between the scanner and the target. It is very
possible to scan the same target from both the inside and the outside, and
get two very different results.
~Jay
--
..
.. Jay Jacobson
.. Edgeos, Inc. - 480.961.5996 - http://www.edgeos.com
..
.. Private-Labeled Managed Vulnerability Assessment Services
..
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
