Penetration Testing mailing list archives
Re: Security Audit
From: "Dave Wray" <davew () sec-tec com>
Date: Wed, 5 Sep 2001 22:27:21 +0100
forrest () code-lab com wrote:
This brings me to question why are they doing >assessments by hand when
there are great tools like >Nessus? Sorry, This may be off subject slightly, but I had to comment. Nessus is a great tool, I use it frequently and personally prefer it to many commercial tools which I also use, but there are *MANY* reasons for doing parts of a test manually. Only two weeks ago, one of our clients was tested according to our internal procedure. Several automated tools came back all clear. Within 15 minutes of manual testing we found the web server to be vulnerable to both the UTF-8 and double decode vulnerabilities. The reason for this was simply that the tools (which I will not name) presumed that Windows NT is always installed in a directory called winnt, when in this case it was installed in a directory called winnt40. This was enough to throw the automated tools way off of the scent. Also, what about custom CGIs, ASPs etc, they may be vulnerable to /../ attacks, SQL injection etc etc, but there isn't (to my knowledge) any 100% sure fire reliable way to test for these automatically in this scenario. To do the test properly you need to apply the methodology to the custom environment. I think a more suitable question is why would you pay a 'Consultant' good money to hit a big green go button and print the results? Regards to all Dave Wray Sec-Tec Ltd www.sec-tec.co.uk ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Re: Security Audit H Carvey (Sep 04)
- <Possible follow-ups>
- RE: Security Audit Christopher Ray (Sep 04)
- RE: Security Audit Aleksander Czarnowski (Sep 04)
- Re: Security Audit Forrest Rae (Sep 05)
- Re: Security Audit Todd Ransom (Sep 05)
- Re: Security Audit Bill Pennington (Sep 06)
- Re: Security Audit Todd Ransom (Sep 06)
- RE: Security Audit Dom De Vitto (Sep 06)
- Re: Security Audit Forrest Rae (Sep 06)
- Re: Security Audit R. DuFresne (Sep 06)
- Re: Security Audit Todd Ransom (Sep 05)
- Re: Security Audit Dave Wray (Sep 06)
- Re: Security Audit Jonathan Rickman (Sep 07)
- Re: Security Audit Philipp Buehler (Sep 06)
- Re: Security Audit bacano (Sep 06)
- Re: Security Audit bacano (Sep 05)
- Re: Security Audit JCovington (Sep 05)
- Re: Security Audit bacano (Sep 06)
- RE: Security Audit PM Systems - Rick Woehler (Sep 05)
- Re: Security Audit H Carvey (Sep 06)
- RE: Security Audit Filer, Eddie (ZA - Johannesburg) (Sep 06)
- RE: Security Audit Wertheimer, Ishai (Sep 06)