IDS mailing list archives
Re: Cisco CTR
From: Ron Gula <rgula () tenablesecurity com>
Date: Mon, 17 Nov 2003 16:17:17 -0500
Just a clarification on NeVO ... At 03:03 PM 11/17/2003 -0500, Martin Roesch wrote:
" The version of Nevo that I saw a couple months ago was doing OS fingerprinting in support of passive vulnerability analysis, "
NeVO does do passive OS fingerprinting with p0f2 fingerprints, but that's only one of the checks it does, and the OS it finds has nothing to do with the vulnerabilities it finds. For a vulnerability to ping in NeVO, we really need to see evidence of it on the wire. We've built a similar detection engine into NeVO as with Nessus. For example it can detect an anonymous ftp server running on a high port. Ron Gula --------------------------------------------------------------------------- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register athttp://www.securityfocus.com/sponsor/RSA_focus-ids_031023 and use priority code SF4.
---------------------------------------------------------------------------
Current thread:
- Re: Cisco CTR, (continued)
- Re: Cisco CTR Joe Bowling (Nov 12)
- Re: Cisco CTR Ron Gula (Nov 13)
- Re: Cisco CTR John Lampe (Nov 13)
- Re: Cisco CTR Martin Roesch (Nov 17)
- Re: Cisco CTR Ron Gula (Nov 17)
- Re: Cisco CTR Martin Roesch (Nov 17)
- Re: Cisco CTR Ron Gula (Nov 17)
- Re: Cisco CTR Martin Roesch (Nov 19)
- Re: Cisco CTR Ron Gula (Nov 19)
- Re: Cisco CTR Martin Roesch (Nov 20)
- Re: Cisco CTR Joe Bowling (Nov 12)
- Re: Cisco CTR Ron Gula (Nov 19)
- Re: Cisco CTR Renaud Deraison (Nov 19)
- Re: Cisco CTR Martin Roesch (Nov 19)
- Re: Cisco CTR Renaud Deraison (Nov 20)
- Re: Cisco CTR Martin Roesch (Nov 20)
- Re: Cisco CTR Renaud Deraison (Nov 20)
- Message not available
- Re: Cisco CTR Mark Teicher (Nov 20)
- Re: Cisco CTR Ron Gula (Nov 20)
- RE: Cisco CTR David J. Meltzer (Nov 25)
- Re: Cisco CTR Martin Roesch (Nov 27)