Security Basics mailing list archives

SV: Security scanning tools


From: "Kim Guldberg" <kim () bufferzone dk>
Date: Tue, 16 Dec 2003 15:23:52 +0100

1.
In my world you are covered pretty nicely. Nessus is a good tool that
will find most problems; often it will report some false positives, and
you should always manually validate Nessus findings, positive and negative.

One thing you should consider is patch management. You should always
keep track of which patches you have applied to which systems in what
order.
My advice is: keep a logbook for all your servers, where you note the
patches and when they are applied. You should also keep track of all
configuration changes and all other relevant system tweaking.

Use the tools to point to what you need to manually verify, keep track
of what you have done, and that way you will be on top of most things.

2.
Yes, they are, and better false positives than false negatives.

Regards 
Kim Guldberg  
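The logbook-plus-validation workflow above can be made mechanical: keep the
logbook as plain text, then reconcile each scan against it so that findings
already covered by a recorded patch are flagged for manual confirmation rather
than re-investigated from scratch. The script below is an added example and
not part of the original post or of Nessus. The tab-separated logbook format,
the in-memory finding records, the host names and the CVE identifiers
(placeholders of the form CVE-0000-NNNN) are all constructed assumptions for
this illustration; it does not parse the real Nessus export format.

```python
"""
Reconcile scanner findings against a per-host change logbook.

Added example: the logbook format, finding records, hosts and CVE ids
below are constructed placeholders, not real vulnerabilities or the
Nessus export format.
"""
from dataclasses import dataclass
from datetime import date

# Constructed logbook, one change per line:
#   date<TAB>host<TAB>kind<TAB>identifier<TAB>note
# kind is "patch" or "config"; for patches the note lists the CVE ids
# the patch is recorded as addressing (placeholder ids).
LOGBOOK = """\
2003-12-01\tweb01\tpatch\tKB-0001\tCVE-0000-0001,CVE-0000-0002
2003-12-03\tweb01\tconfig\thttpd.conf\tdisabled TRACE method
2003-12-10\tdb01\tpatch\tKB-0002\tCVE-0000-0003
2003-12-12\tweb01\tpatch\tKB-0003\tCVE-0000-0004
"""

# Constructed scanner findings: host, plugin title, CVE the plugin claims.
FINDINGS = [
    {"host": "web01", "plugin": "Example RPC overflow", "cve": "CVE-0000-0001"},
    {"host": "web01", "plugin": "Example SMTP open relay", "cve": "CVE-0000-0009"},
    {"host": "db01", "plugin": "Example DB auth bypass", "cve": "CVE-0000-0003"},
    {"host": "mail01", "plugin": "Example IMAP overflow", "cve": "CVE-0000-0005"},
]


@dataclass
class LogEntry:
    when: date
    host: str
    kind: str
    ident: str
    note: str

    def cves(self):
        """CVE ids a patch entry records; config entries cover none."""
        if self.kind != "patch":
            return set()
        return {c.strip() for c in self.note.split(",") if c.strip()}


def parse_logbook(text):
    """Parse the tab-separated logbook; reject malformed lines loudly."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split("\t", 4)
        if len(parts) != 5:
            raise ValueError(f"logbook line {lineno}: expected 5 tab-separated fields")
        when = date.fromisoformat(parts[0])
        entries.append(LogEntry(when, parts[1], parts[2], parts[3], parts[4]))
    return entries


def triage(findings, entries, scan_date):
    """
    Bucket findings for manual validation:
      probable_false_positive - a patch covering the CVE was logged for the
                                host on or before the scan date
      open                    - host has a logbook but no covering patch
      no_logbook              - host has no entries at all; the logbook is
                                incomplete, not the scanner wrong
    Every bucket still needs a human check, as the post says.
    """
    scan_day = date.fromisoformat(scan_date)
    patched = {}          # (host, cve) -> date the covering patch was applied
    logged_hosts = set()
    for e in entries:
        logged_hosts.add(e.host)
        if e.when > scan_day:  # patches applied after the scan do not refute it
            continue
        for cve in e.cves():
            patched[(e.host, cve)] = e.when
    result = {"probable_false_positive": [], "open": [], "no_logbook": []}
    for f in findings:
        key = (f["host"], f["cve"])
        if key in patched:
            result["probable_false_positive"].append(
                {**f, "patched_on": patched[key].isoformat()})
        elif f["host"] not in logged_hosts:
            result["no_logbook"].append(f)
        else:
            result["open"].append(f)
    return result


if __name__ == "__main__":
    report = triage(FINDINGS, parse_logbook(LOGBOOK), "2003-12-15")
    for status, items in report.items():
        for f in items:
            print(f"{status:24} {f['host']:8} {f['cve']:14} {f['plugin']}")
```

The scan date matters: a patch logged after the scan cannot explain away a
finding from that scan, so the same finding lands in "open" for an earlier
scan and in "probable_false_positive" for a later one. Hosts missing from the
logbook are reported separately, since the gap is in the records, which the
post's advice is meant to prevent.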



My questions to the group are:
1. What tool[s] should I look to buy that correctly report security
vulnerabilities with the least false positives?
2. Are false positives a known [feature] of all scanning tools?


Jack









