RE: LANguard scan results

["xyberpix" <xyberpix () xyberpix com>]

So, as usual I haven't been checking my mail lately, so now I'm prolly
going to end up sending a barrage of mails today, oh well.
I have to agree here, I've used LanGuard in the past, and while it does do
certain things very well, results from LanGuard should not be relied upon
alone, as I have also seen this generate a load of false positives, and
after a while I was forced to stop using it, as I like to use tools that
work properly.
Have a look into Nessus v2 as it has come a long way, and is definately
worth looking at if you're looking for a tool that does what LanGuard is
supposed to.

xyberpix

On Sun, 5 December, 2004 2:47 pm, pingywon said:
> It is my experienced that LANguard is over rated. I worked for a company
> and
> one of the services they provided was "Network Security Testing" ...all
> they
> would do is bring a laptop in the network and run LANguard. Then scare
> customers with the fact that their network printers have a unpasswored
> HTTPd
> running with the default SNMP string ...the collect the $$ and leave
>
>
> Maybe im basis because of this experience, but Id rather use a
> combinationg
> of tools rather then LANguard
>
> -----Original Message-----
> From: Newberry, Julie S [mailto:Newberry () uthscsa edu]
> Sent: Thursday, December 02, 2004 14:35
> To: security-basics () securityfocus com
> Subject: LANguard scan results
>
> I just got the new version of GFI LANguard.  When I scan it says that
> every computer has TCP port 80, 119, 1080, and 8080 is open.  When I
> scan with several other tools I get different and more accurate results.
> These ports do not appear to actually be open. Does anyone know how to
> prevent LANguard from reporting these inaccurate results?
>
> Julie
>
> -----Original Message-----
> From: Nathaniel Hall [mailto:halln () otc edu]
> Sent: Wednesday, December 01, 2004 8:59 PM
> To: petreski () ksu edu
> Cc: security-basics () securityfocus com
> Subject: Re: Win95 detection
>
> I know that GFI LANguard can determine the difference between XP and
> 2000 machines.  I believe that it will detect 95/98/ME too.  The biggest
>
> problem is that it is expensive.  They do, however, offer a demo version
>
> that will let you scan up to 25 machines at a time.  Take a look at
> www.gfi.com
>
> Nathaniel Hall, GSEC
> Intrusion Detection and Firewall Technician
> Ozarks Technical Community College -- Office of Computer Networking
>
> halln () otc edu
> 417-447-7535
>
>
>
> Trevor Cushen wrote:
>
> > Have you tried a login script to do the job for you?  Kix32 is perfect
> > for this job.
> >
> > -----Original Message-----
> > From: Samuel Petreski [mailto:petreski () ksu edu]
> > Sent: 30 November 2004 21:53
> > To: security-basics () securityfocus com
> > Subject: Win95 detection
> >
> >
> > I have been given the task to scan for hosts that are running Windows
> 95
> > on
> > the network. I have tried scanning with Nmap and Nessus, however they
> > cannot
> > distinguish the hosts between 95/98/ME. I was wondering if anyone has
> > run
> > across a tool that is able to detect Win95 hosts on the network.
> >
> > Thanks for your help.
> >
> > Samuel Petreski
> >
> > This email and its attachments are solely for the attention of
> petreski () ksu edu.
> > Please contact Trevor.Cushen () sysnet ie if you receive this mail in
> error.
> >
>
> ---
> Incoming mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.804 / Virus Database: 546 - Release Date: 11/30/2004
>
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.804 / Virus Database: 546 - Release Date: 11/30/2004


-- 
For security and Opensource news check out:
http://xyberpix.demon.co.uk