Penetration Testing mailing list archives
Re: Vulnerability scanners
From: Alvin Oga <alvin.sec () Mail Linux-Consulting com>
Date: Thu, 27 Mar 2003 13:31:10 -0800 (PST)
hi ya

On Thu, 27 Mar 2003, Jeff Williams @ Aspect wrote:

> Let's assume that you're talking about 256 IPs (based on Qualys' published pricing), and you want to scan weekly. That's at least a day a week of
their "mail server scanning" is pointless ??? ( when we tried it out )
- just a bunch of dictionary names for your-domain.com
vulnerability scanning and pen-testing ...
- you can do quickie tests..
( few minutes - couple hours )
- you can and SHOULD do it every time something changed
( incremental costs should be minimal )
- you should go back and see what other vuln tests you or your
other hired testers didn't check earlier...
( few days, few weeks )
- repeat round and round
- most of the scanning can be automated
- think one can also apply all the scriptkiddie scripts automatically ??
- automation is the key ... people will get tired of running the same
repetitive tests
> effort for someone (probably more to generate a very nice report and summaries). The cost of a full-time sysadmin (including salary, benefits, office, etc...) probably costs well north of $100K. You'd have to include some equipment costs in there. So I doubt you could do it much cheaper. I think vulnerability scanning is a reasonable thing to outsource for companies that are not in the security or networking field already.
you do need a qualified tester ... newbies won't know what to look for
and how to test it ..
i'd say a good vulnerability scanner and pen-tester would run
$150K in salaries + double it for insurance, benefits, office space,
phones, lab, PCs, test archives, etc
plus probably an additional knowledgeable secretary to type up
pretty reports and attachments
"good" == they can find the obvious holes... in a matter of minutes
- break into any pc running sendmail earlier than 8.12.8
- break into any apache w /443 left on
- break into wireless sites w/ telnet/ftp/pop3 left on inside
... blah .. blah ..
c ya
alvin
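The incremental, automated re-check Alvin argues for, as an added example that is not from the thread: a Python sketch that diffs two constructed scan inventories and flags only the changed listeners against the items his message names (sendmail older than 8.12.8, an https listener on 443, telnet/ftp/pop3 left exposed). Host names, banners and the inventory format are assumptions.

```python
import re

# Constructed sample inventories (hostname -> {port: banner}) as a scanner might
# record them on two consecutive runs; names and banners are made up.
PREVIOUS = {
    "mail1": {25: "220 mail1 ESMTP Sendmail 8.12.6/8.12.6; Thu, 27 Mar 2003"},
    "www1": {80: "Apache/1.3.27"},
}
CURRENT = {
    "mail1": {25: "220 mail1 ESMTP Sendmail 8.12.8/8.12.8; Fri, 28 Mar 2003"},
    "www1": {80: "Apache/1.3.27", 443: "Apache/1.3.27"},
    "ap1": {23: "telnet", 110: "+OK POP3 ready"},
}

SENDMAIL_MIN = (8, 12, 8)                            # cutoff named in the message
CLEARTEXT = {21: "ftp", 23: "telnet", 110: "pop3"}   # services the message calls out

def parse_sendmail_version(banner):
    """Return (major, minor, patch) from a sendmail greeting, or None."""
    m = re.search(r"Sendmail (\d+)\.(\d+)\.(\d+)", banner)
    return tuple(int(x) for x in m.groups()) if m else None

def diff_inventory(prev, cur):
    """Return (host, port, banner) for listeners that are new or changed since the last run."""
    return [(h, p, b) for h, ports in cur.items() for p, b in ports.items()
            if prev.get(h, {}).get(p) != b]

def check(host, port, banner):
    """Defender-side checks for one listener; returns a list of finding strings."""
    out = []
    v = parse_sendmail_version(banner)
    if v is not None and v < SENDMAIL_MIN:
        out.append(f"{host}:{port} sendmail {'.'.join(map(str, v))} is older than 8.12.8")
    if port in CLEARTEXT:
        out.append(f"{host}:{port} cleartext {CLEARTEXT[port]} service exposed")
    if port == 443 and banner.startswith("Apache"):
        out.append(f"{host}:{port} https listener appeared; confirm it is intended and patched")
    return out

def incremental_scan(prev, cur):
    """Re-check only what changed, so the routine run stays cheap enough to repeat."""
    findings = []
    for host, port, banner in diff_inventory(prev, cur):
        findings.extend(check(host, port, banner))
    return findings

if __name__ == "__main__":
    for line in incremental_scan(PREVIOUS, CURRENT):
        print(line)
```

Unchanged listeners (www1:80) and the patched mail host produce nothing, so a weekly run only reports what moved since the previous inventory.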