Bugtraq mailing list archives
Re: ISS Internet Scanner Cannot be relied upon for conclusive
From: mr_joej () HOTMAIL COM (Mr. joej)
Date: Mon, 8 Feb 1999 09:46:48 PST
[snip]
There appears to be some misunderstanding on your part.
[snip] nope, no misunderstanding here. I am very clued in on the problem. Anyway ... I never called it a 'bug'. I called it a misrepresentation. Example: You test for the OOB or winnuke DoS. Do you retrieve the OS version, and look for vulnerable versions? NO, you actually test it. Hence the test is pretty reliable. However--- With the cisco router checks, if I have them selected, I scan my network and Internet Scanner cannot gain access to the box via snmp or user exec mode, then it will not report anything about these tests. It doesn't say I'm vulnerable. It doesn't say I'm not vulnerable. Refering back to the OOB test, why don't you just scan for these tests to? the ioslogon bug in particular? AND---- if you don't know how, and the only way for you to scan is looking at the version, at least tell us (Internet Scanner users) that 'hey I couldn't scan for these bugs for reason .. .blah blah' now granted I don't care to see that you couldn't scan for NFS problems on my router. There would be no point. But you definitely need to figure something out! once again, pointing out this is not bashing any product, I like ISS Internet Scanner, however this is something they did not want to address directly with me, nor did I think anyone else would be aware of this. joej Mr_JoeJ () hotmail com ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com
Current thread:
- Spoofed Yahoo web site - www.yaho.co.uk, (continued)
- Spoofed Yahoo web site - www.yaho.co.uk Paul Murphy (Feb 08)
- Re: Spoofed Yahoo web site - www.yaho.co.uk Paul McGovern (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Christopher Masto (Feb 08)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Darren Reed (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Darren Reed (Feb 12)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Darren Reed (Feb 10)
- NetApp Filer software versions 5.x: potential hardware killer Jason Downs (Feb 10)
- Spoofed Yahoo web site - www.yaho.co.uk Paul Murphy (Feb 08)
- Netect Advisory: palmetto.ftpd - remote root overflow Jordan Ritter (Feb 09)
- Re: Netect Advisory: palmetto.ftpd - remote root overflow bugtraq mailing list account (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Mr. joej (Feb 08)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Casper Dik (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 10)
- sl0scan (ambiguous source portscanner) miff (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Darren Reed (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Joel Eriksson (Feb 12)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Randy Taylor (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Joel Eriksson (Feb 12)