Re: [PEN-TEST] Agentless Unix Host Vulnerability Scanners

[H Carvey <keydet89 () YAHOO COM>]

You'll probably have to write your own.  You'd 
have to support a variety of access 
methods...telnet, ssh, r* commands...as well 
as doing 'su'.  And of course, the commands 
you use to perform certain tasks will have to 
depend upon the output of 'uname -a'...

Some work...but it can be done.  Perl, anyone?

./Carv


> Hi
> I'm looking for an agentless vulnerability 
scanner that will audit a variety
> of Unix platforms, primarily Solaris.  By Host 
scanner I mean that it will
> audit the operating system etc given the 
required logon.  By agentless I
> mean you don't need to install an agent to 
carry this out remotely - PSAU
> isn't really an option
>
> I'd appreciate any time you can spare in 
replying
> Thanks
> Andy
> talisker () networkintrusion co uk