Re: [PEN-TEST] ForixNT, the NT Audit Toolkit

[H Carvey <keydet89 () YAHOO COM>]

> Just been looking at the ForixNT example and in 
comparison to other NT
> agentless products such as STAT and 
SecurityExpressions it seems a little
> weak.

Interesting..."weak" how?  How is being able to 
update say, your Domain Account Policies, across 
the enterprise, "weak"?  And being able to do so 
based on any aspect of the system...type, IP 
address, etc?

How is providing an easy means for an NT 
administrator to perform regular scans to ensure 
compliance with policies "weak"?

Let me through this out...you looked at the 
example.txt file and figured that was all that 
ForixNT is capable of.  ForixNT is a toolkit for 
performing audits and updates...based on the needs 
to of the NT administrator.  Given the model and 
design, it's far easier to update.  Most 
commercial tools are moving to a live update 
feature...but suppose you need something specific 
to your infrastructure, such as a particular 
Registry setting (or several) set and checked.  
How do you get the commercial company to release 
an update just for you?

Keep in mind that the more popular commercial 
scanning tools will report vulnerabilities based 
on some arbitrary determination of what a 
"vulnerability" is...ForixNT is far more flexible 
and extensible, and allows the NT administrator to 
use the tool to meet the needs of the 
infrastructure, rather than the other way around.

H. Carvey
Lead Developer, ForixNT