Security Basics mailing list archives
RE: Vulnerability Scanning - Prioritising Remediation
From: Dominick Birolin <Dominick.Birolin () naeallc com>
Date: Thu, 22 Sep 2011 11:01:01 -0400
Depending on the IPS setting the IPS can interpret vulnerability scanning as a malicious traffic attempt and block it. You have tune the IPS correctly to avoid this. It takes a little bit of time but once it is done correctly you will not have to switch it off every time you want to scan. Regards, Dominick J. Birolin Network Engineer / Cyber Security Desk 732-623-8896 Mobile 732-429-2961 Fax 732-623-8897 North American Energy Alliance LLC 99 Wood Avenue South Suite 200 Iselin, NJ 08830 Please consider the environment before printing this email. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of ted fred Sent: Wednesday, September 21, 2011 12:41 PM To: John Morrison; J Teddy Cc: Securuty Basics Mailing List Subject: Re: Vulnerability Scanning - Prioritising Remediation I believe you should do both. with the IPS it shows whether or not its effective and working. Without reveals the true state without a mitigating control. -----Original Message----- From: John Morrison Sent: Wednesday, September 21, 2011 1:20 AM To: J Teddy Cc: Securuty Basics Mailing List Subject: Re: Vulnerability Scanning - Prioritising Remediation If you have an IPS as part of your security system should you not scan with it switched on? It is one of your controls. If you run a VA scan without the IPS won't you get incorrect results? What do other subscribers to this list do? Regards John On 20 September 2011 06:37, J Teddy <jteddylists () gmail com> wrote:
I'm currently documenting how to prioritise remediation efforts from my last vulnerability scan. As my assets have all had information risk assessments conducted, I can easily calculate my CVSS score using the CVSS2 calculator. I then started thinking about compensating controls in my network where I could possibly lower the priority of the remediation. For example the SSH vulnerability priority may be lowered as there is a signature for prevention on my IPS. The question I can not answer is if my IPS has prevention for such a signature, and I'm running a vulnerability scan through that IPS, will my IPS block those packets, with the end result being my VA scan does not detect the vulnerability? Thanks. ---------------------------------------------------------------------- -- Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be4 42f727d1 ---------------------------------------------------------------------- --
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Vulnerability Scanning - Prioritising Remediation J Teddy (Sep 20)
- RE: Vulnerability Scanning - Prioritising Remediation Mikhail A. Utin (Sep 20)
- Re: Vulnerability Scanning - Prioritising Remediation Todd Haverkos (Sep 21)
- Re: Vulnerability Scanning - Prioritising Remediation John Morrison (Sep 21)
- Re: Vulnerability Scanning - Prioritising Remediation ted fred (Sep 21)
- RE: Vulnerability Scanning - Prioritising Remediation Dominick Birolin (Sep 22)
- RE: Vulnerability Scanning - Prioritising Remediation Mikhail A. Utin (Sep 21)
- RE: Vulnerability Scanning - Prioritising Remediation Dominick Birolin (Sep 23)
- Re: Vulnerability Scanning - Prioritising Remediation J Teddy (Sep 23)
- Re: Vulnerability Scanning - Prioritising Remediation ted fred (Sep 21)
- Re: Vulnerability Scanning - Prioritising Remediation J Teddy (Sep 23)
- <Possible follow-ups>
- Re: Vulnerability Scanning - Prioritising Remediation krymson (Sep 22)