Full Disclosure mailing list archives
Re: Need help in performing a remote vulnerability scan
From: randall perry <lists () domain-logic com>
Date: Wed, 25 Feb 2004 23:53:33 -0500
At 10:32 PM 2/25/2004 -0500, you wrote:
Sure, just post to a couple of LUGs how much you just loooove SCO and would like toHello: I work for a manufacturing company that has many remote sites.I am in the US and I have been tasked with performing vulnerability assessments for about 30 remote sites in Europe, AsiaPac and South America.Can anyone recommend a method and set of tools that I can use to do them remotely?What I was thinking of was if there was an agent they could load remotely.Or possibly I could send them a CD-ROM; have them run the tool, and then send the output back to me in the USA.
see the whole OpenSource scene crushed by SantaCruz and Redmond ogers.Be sure to post from one of your company PC's so the IP can be tracked through the header.
I am sure you would have plenty of anonymous volunteers to help test your IDS system.
;) Or...you could try running the tried and true.. Nessus, nMap, etc..Understand that testing through your ISP may violate your terms of agreement (or at least
raise some red flags if you did open port scanning without stealth).Also keep in mind that vulnerabily assessment is MUCH MORE than 37337 hax0r on the Internet.
Here is a random range of items to have in place: -Secure code locks on server room doors (with ridged steel jambs), -screen saver passwords, -wifi auditing, -removing Post-it password notes from the bottoms of keyboards, -document shredding and destroying policies...The list goes on and on and from this small sample, you can begin to understand the wide-reaching
arms of 'secure policy'.Also don't forget your phone systems, video conferencing systems, wireless phones and faxing. These should all fall under the management of IT, and are also suceptible to tampering with and theft.
With such a big task, you might consider bringing in some reliable auditing teams.
Good luck with that.
*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.
Randall Perry
Domain Logic Technology Solutions
http://www.domain-logic.com
Every problem has a solution. If there is no solution, there is no problem..
*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Need help in performing a remote vulnerability scan Scott Connors (Feb 25)
- Re: Need help in performing a remote vulnerability scan Byron Copeland (Feb 25)
- Re: Need help in performing a remote vulnerability scan Valdis . Kletnieks (Feb 26)
- Re: Need help in performing a remote vulnerability scan randall perry (Feb 25)
- Re: Need help in performing a remote vulnerability scan Mike Barushok (Feb 25)
- Re: Need help in performing a remote vulnerability scan Nico Golde (Feb 27)
- RE: Need help in performing a remote vulnerability scan Aditya, ALD [Aditya Lalit Deshmukh] (Feb 27)
- Re: Need help in performing a remote vulnerability scan Byron Copeland (Feb 25)