Firewall Wizards mailing list archives
Re: vulnerability scanner
From: Christopher Klaus <cklaus () iss net>
Date: Wed, 24 Mar 1999 19:45:55 -0500
Sandy Green wrote:
Besides ISS and Cybercops , is there any tool which does a host based vulnerability analysis and also attacks the system based on known attacks like IP spofing, tear drop, land attack, etc.
To shed a little more light on the subject and make a distinction in these tools to help people better evaluate the vulnerability analysis tools, here's some additional information: ISS typically classifies Internet Scanner, CyberCop, SATAN, etc as network based vulnerability analysis and policy enforcement tools. The reason is that they look for security issues over the network and mostly find isssues at the network service level. ISS classifies System Scanner, COPS, etc as a host based analysis and system policy tool. They search for security issues as an agent sitting on the actual host. System Scanner type tools do a more indepth analysis of the file system, backdoors, patches, etc that compliment and provide a comprehensive overview of the entire host and servers together with network based assessment tools. ISS classifies Database Scanner as an application based vulnerability and security policy tool. This type of product looks at security issues within Sybase and MS SQL Server. This area of vulnerabilities is majorly overlooked by most organizations, but the crown jewels of a company are often stored in wide-open databases. As E-Commerce is taking off, more applications are relying on these databases and they need to be routinely checked for good security. Many people are not aware of the different layers of vulnerability analysis between network, host, and application and that there are tools that address all three. When compiling your list, depending on how comprehensive you want to make it, it might make sense to include Internet Scanner (IS), System Scanner (S2), and Database Scanner (DBS) that exist to cover a wider range of vulnerability analysis. These type of tools can help not only find security issues, but help build a security policy of what is or is not acceptable, and make it easier for compliance and enforcement of that policy. ------------------------------------------------- Christopher Klaus Founder and Chief Technology Officer cklaus () iss net Internet Security Systems, Inc. (678) 443-6000 /fax (678) 443-6477 6600 Peachtree-Dunwoody Road NE 300 Embassy Row, Atlanta, GA 30328 www.iss.net NASDAQ: ISSX "Adaptive Security for the Networked Enterprise"
Current thread:
- vulnerability scanner Sandy Green (Mar 21)
- Re: vulnerability scanner Stefan Wagner (Mar 22)
- Re: vulnerability scanner Larry Chin (Mar 22)
- Re: vulnerability scanner Laurent LEVIER (Mar 22)
- Re: vulnerability scanner Randolf-Heiko Skerka (Mar 22)
- Re: vulnerability scanner Adam Shostack (Mar 22)
- Re: vulnerability scanner Dario Forte (Mar 24)
- Re: vulnerability scanner Christopher Klaus (Mar 24)
- RE: vulnerability scanner Ray Hooker (Mar 25)
- <Possible follow-ups>
- RE: vulnerability scanner Frank W. Keeney (Mar 22)
- Re: vulnerability scanner Cohen Liota (Mar 23)
- RE: vulnerability scanner Jason Diesel (Mar 25)
- RE: vulnerability scanner Dave Whitlow (Mar 28)