RE: Vulnerability Scanning - Prioritising Remediation

["Mikhail A. Utin" <mutin () commonwealthcare org>]

You have a good chance of IPS affecting your scanning. For instance, it could block SYN half-open packets, which are 
widely used by vulnerability and port scanners.
You need to check you IPS log to see if it blocks packets coming from your scanner.

Regards

Mikhail A. Utin, CISSP
Information Security Analyst
Commonwealth Care Alliance
30 Winter St.
Boston, MA 
TEL: (617) 426-0600 x.288
FAX: (617) 249-2114
http://www.commonwealthcare.org
mutin () commonwealthcare org


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of J Teddy
Sent: Tuesday, September 20, 2011 1:37 AM
To: Securuty Basics Mailing List
Subject: Vulnerability Scanning - Prioritising Remediation

I'm currently documenting how to prioritise remediation efforts from my last vulnerability scan.  As my assets have all 
had information risk assessments conducted, I can easily calculate my CVSS score using the CVSS2 calculator.

I then started thinking about compensating controls in my network where I could possibly lower the priority of the 
remediation.  For example the SSH vulnerability priority may be lowered as there is a signature for prevention on my 
IPS.

The question I can not answer is if my IPS has prevention for such a signature, and I'm running a vulnerability scan 
through that IPS, will my IPS block those packets, with the end result being my VA scan does not detect the 
vulnerability?

Thanks.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and 
who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell 
if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your 
Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing 
management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

CONFIDENTIALITY NOTICE: This email communication and any attachments may contain confidential 
and privileged information for the use of the designated recipients named above. If you are 
not the intended recipient, you are hereby notified that you have received this communication 
in error and that any review, disclosure, dissemination, distribution or copying of it or its 
contents is prohibited. If you have received this communication in error, please reply to the 
sender immediately or by telephone at (617) 426-0600 and destroy all copies of this communication 
and any attachments. For further information regarding Commonwealth Care Alliance's privacy policy, 
please visit our Internet web site at http://www.commonwealthcare.org.


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------