Penetration Testing mailing list archives

Re: [PEN-TEST] ForixNT, the NT Audit Toolkit

From: "Teicher, Mark" <mark.teicher () NETWORKICE COM>
Date: Thu, 31 Aug 2000 09:19:08 -0700

OK.

If you compare ForixNT against the main contenders in the same space

Symantec/Axent ESM/ITA
STAT
etc

it appears that ForixNT has a much smaller footprint, is not as non-working
feature heavy as some of the commercial products .

Live update is not a feature one should really aspire to having as an
attraction to a product.  It is a nice to have, but it is more of an issue
for the vendors these days, it is far easier to have a live update feature
in order to push out bugfixes then anything else.  The first ISS RealSecure
5.0 update was bugfix not a update..

/m


At 09:31 AM 8/31/00 +0000, H Carvey wrote:

> Just been looking at the ForixNT example and in
comparison to other NT
> agentless products such as STAT and
SecurityExpressions it seems a little
> weak.

Interesting..."weak" how?  How is being able to
update say, your Domain Account Policies, across
the enterprise, "weak"?  And being able to do so
based on any aspect of the system...type, IP
address, etc?

How is providing an easy means for an NT
administrator to perform regular scans to ensure
compliance with policies "weak"?

Let me through this out...you looked at the
example.txt file and figured that was all that
ForixNT is capable of.  ForixNT is a toolkit for
performing audits and updates...based on the needs
to of the NT administrator.  Given the model and
design, it's far easier to update.  Most
commercial tools are moving to a live update
feature...but suppose you need something specific
to your infrastructure, such as a particular
Registry setting (or several) set and checked.
How do you get the commercial company to release
an update just for you?

Keep in mind that the more popular commercial
scanning tools will report vulnerabilities based
on some arbitrary determination of what a
"vulnerability" is...ForixNT is far more flexible
and extensible, and allows the NT administrator to
use the tool to meet the needs of the
infrastructure, rather than the other way around.

H. Carvey
Lead Developer, ForixNT

Current thread:

[PEN-TEST] ForixNT, the NT Audit Toolkit H Carvey (Aug 29)
- Re: [PEN-TEST] ForixNT, the NT Audit Toolkit Talisker (Aug 30)
- <Possible follow-ups>
- Re: [PEN-TEST] ForixNT, the NT Audit Toolkit H Carvey (Aug 31)
  - Re: [PEN-TEST] ForixNT, the NT Audit Toolkit Teicher, Mark (Aug 31)
  - Re: [PEN-TEST] ForixNT, the NT Audit Toolkit Talisker (Aug 31)
- Re: [PEN-TEST] ForixNT, the NT Audit Toolkit H Carvey (Aug 31)
- Re: [PEN-TEST] ForixNT, the NT Audit Toolkit H Carvey (Aug 31)