Penetration Testing mailing list archives
RE: Features of a vulnerability scanner
From: "Blake Wiedman [Icons]" <bwiedman () iconsinc com>
Date: Mon, 1 Dec 2003 14:20:53 -0500
My major gripe is reporting, I would love a product that gives me full extensibility in regards to the output of the report (in MSWord Format) . I would like to also see the possibility of out put being grouped by vulnerability not by machine. Example: Level: Low The following machines have remote RPC enabled: 192.168.1.1 192.168.1.2 192.168.1.3 By machine is good for small scans but becomes cumbersome for large scans of hosts >=50. Blake Wiedman Icons Inc. Security Technician (732) 821-9100 x103 -----Original Message----- From: Marc Ruef [mailto:maru () scip ch] Sent: Monday, December 01, 2003 5:27 AM To: pen-test () securityfocus com Cc: sectools () securityfocus com Subject: Features of a vulnerability scanner WARNING: Unsanitized content follows. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear List I would like to ask you pen-testers two generic questions about vulnerability scanners: 1. Which features for you are very important or is the most important in a vulnerability scanner software? 2. Which features are you missing in the existing vulnerability scanner products? A vulnerability scanner in this context is a tool that looks automaticly for potential security holes. There are for example Nessus, ISS Internet Scanner, Symantec NetRecon, GFI LanGuard, SATAN, SAINT, Vigilante, Dante Security Scanner, ... Port scanner and enumeration utilities like nmap, N-Stealth, Whisker or Nikto are here not counted to vulnerability scanners. Yours, Marc Ruef - -- ) scip AG ( Technoparkstr. 1 8005 Zürich T +41 1 445 18 18 F +41 1 445 18 19 maru () scip ch www.scip.ch - - Pragmatisches Projektmanagement - -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 Comment: http://www.scip.ch iQA/AwUBP8sXXhe5hzJzqVMhEQLYZwCgpFHRj/ilv51PUAEFHWRqbuo+fHkAn24J z6YgR9JIPl1/Q6lcCfOw4zKr =RDZw -----END PGP SIGNATURE----- ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Features of a vulnerability scanner Marc Ruef (Dec 01)
- Re: Features of a vulnerability scanner Patrick Boucher (Dec 01)
- RE: Features of a vulnerability scanner Blake Wiedman [Icons] (Dec 01)
- Re: Features of a vulnerability scanner wirepair (Dec 01)
- Re: Features of a vulnerability scanner Anders Thulin (Dec 03)
- <Possible follow-ups>
- RE: Features of a vulnerability scanner Gonenc, Ozan (Dec 01)
- RE: Features of a vulnerability scanner Kohlenberg, Toby (Dec 01)
- RE: Features of a vulnerability scanner Brass, Phil (ISS Atlanta) (Dec 03)