Bugtraq mailing list archives
Re: ISS Internet Scanner Cannot be relied upon for conclusive
From: munkedal () N-M COM (Ulf Munkedal)
Date: Wed, 10 Feb 1999 23:13:22 +0100
Interesting discussion but everyone seems to be missing the basic point here. The point lies in the question: "what is the exact passed/failed criteria for each test?". An elementary part of any QA testing.

If the passed/failed criteria is not known then it's _very_ difficult to use the result. And this is a basic problem with a lot of security scanners out there today, including the Internet Scanner. What exactly is the criteria for stating a vulnerability as found or not found? All vendors could do a far better job on documenting this.

We use a lot of tools (commercial, exploits, scripts etc) and have written a lot of our own stuff. And very often the problem with any tool boils down to the passed/failed criteria for each test executed by that specific tool.

E.g. of the more than 1500 vulnerabilities we have found on over 400 systems we have tested so far we have found 36% of all the vulnerabilities manually. The tools were only able to find 64% of them... An important reason for this is lack of correct or even just documented passed/failed criteria. Simple but true.

Ulf

---
Ulf Munkedal
Partner
Neupart & Munkedal
http://www.n-m.com
Tel +45 7020 6565
Fax +45 7020 6065
Public PGP Key: http://www.n-m.com/pgp/
---
SecureTest - Certainty for Internet security