RE: [SLUG] Security Vulnerability Scanners

Wed, 04 Oct 2000 20:53:06 -0700 

With nessus did you enable the dangerous plugins?
It should have at least told you what the netbios name of the machine was
and what workgroup it was in. It did that for me when i tried it vs NT PDC
and win2k server.

dave

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Doug Stalker
> Sent: Thursday, 5 October 2000 2:39 PM
> To: SLUG
> Subject: Re: [SLUG] Security Vulnerability Scanners
>
>
>
> Some feedback for everyone who helped with my question on
> security Vulnerability
> scanners:
>
>
> Nessus - It looks very nice, but it doesn't seem to work very
> well when doing
> remote probes.  Scanning the system it was installed on (My Home system,
> Mandrake 7.1 w/ ipchains firewall) picked up a few potential
> holes vulnerable to
> a local user, but scanning a remote Win98 system with file
> sharing open to the
> net (complete with unpassworded shares) failed to even generate a
> warning.  When
> scanning the target system (openlinux 1.2) all it did was
> generate some general
> warnings about services being available.  ("Port 23 is running
> telnet, which is
> insecure" etc).
>
> I couldn't get Satan to work.  On my home system it can't find
> perl to it's
> satisfaction, and on the target system it compiles but when you
> launch it the
> browser doesn't seem to work with the html properly - it just
> keeps trying to
> save teh page instead of viewing it.
>
> The Port Scan test at Gibson Research doesn't provide any
> information other than
> to test if several common ports are open.  The Shields Up! test
> works properly,
> but all that does is check to see if you have netbios available
> to the server.
> (Either from Windows file-sharing or from installing SAMBA)
>
>
> Thanks all for your help, even if I didn't get the results I wanted.  I'm
> currently writing up a document explaining why it's a bad idea to have the
> target  system expose all it's services to the internet, even if
> there aren't
> any well documented security exploits.
>
>   - Doug
>
> --
> _____________________________________________________________
>   Network Operations Engineer - Big Pond Advance Satellite
>  Ericsson Australia - Level 5, 184 The Broadway, Sydney 2000
>   Ph: +61-416-085-390   Email: [EMAIL PROTECTED]
>
>
>
>
> --
> SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
> More Info: http://slug.org.au/lists/listinfo/slug
>



--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug

Reply via email to