Re: Need Some Basic Information

[Todd Haverkos <infosec () haverkos com>]

Thugzclub Thugzclub <thugzclub () googlemail com> writes:

> We have a UNIX estate, does this credentialed scan work on them as
> well ?

Yes.   And you'll find that for scanning Unix boxes, there are some
features that Tenable's wares have that one of their rather aggressive
competitors lacks (sudo / su and sudo+su) lacks.   This came to light
during a shootout I did.   So whatever vendors you look at, be sure to
look carefully at the authentication options supported for unix
scanning. 

The only host-based vendors I was aware of that could do anything on
unix were bigfix and landesk, and with neither being security
companies, the coverage is ... not really what an infosec group wants
to know.


--
Todd Haverkos, LPT MsCompE
http://haverkos.com/

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------