Security Basics mailing list archives
SV: Security scanning tools
From: "Kim Guldberg" <kim () bufferzone dk>
Date: Tue, 16 Dec 2003 15:23:52 +0100
1. In my world you are covered pretty nicely. Nessus is a good tool that will find most problems; often it will report some false positives, and you should always manually validate Nessus finds, positive and negative. One thing you should consider is patch management. You should always keep track of which patches you have applied to which systems in what order. My advice is, keep a logbook for all your servers, where you note the patches and when they are applied. You should also keep track of all configuration changes and all other relevant system tweaking. Use the tools to point to what you need to manually verify, and keep track of what you have done; that way you will be on top of most things.

2. Yes they are, and better false positives than false negatives.

Regards
Kim Guldberg

My questions to the group are:

1. What tool[s] should I look to buy that correctly reports security vulnerabilities with the least false positives?

2. Are false positives a known [feature] of all scanning tools?

Jack