Security Basics mailing list archives
Re: Question on root credentials for scanning
From: Todd Haverkos <infosec () haverkos com>
Date: Wed, 05 Oct 2011 12:11:06 -0500
vedantamsekhar () gmail com writes:
I feel as most in the group says, it depends on the purpose of the scan. Probably we can do a Credentialed scan before a server infra is about to be placed in DMZ and later on the periodical scans can be done with non-credentialed scans. I know, performing credentialed scanning every time is ideal but in most cases, when a server in production, it becomes un touchable. So, we may have to rely on Surface scanning, non-credentialed scans. Credential scans usually takes long time than surface scans.
Your last statement may be valid for some scanners, but for what it's worth, it's 100% incorrect for Nessus users at least. Their credentialed scanner will shortcut full port scanning when using credentials and it scrapes for listeners using netstat instead. WAY faster than querying all the ports, particularly with UDP. I like this feature quite a bit. Granted a rootkit can hide listeners from netstat if you're dealing with a compromised host, but the same can be said for external scans being blind to services listening with portknocking on a compromised host. Best Regards, -- Todd Haverkos, LPT MsCompE http://haverkos.com/ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: RE: Question on root credentials for scanning vedantamsekhar (Oct 05)
- Re: Question on root credentials for scanning Todd Haverkos (Oct 05)