Penetration Testing mailing list archives
Re: nessus exceptions
From: "Mr. Rufus Faloofus" <foofus () foofus net>
Date: Tue, 3 Aug 2004 16:01:37 -0500
On Mon, Aug 02, 2004 at 01:58:13PM -0500, Chris Griffin wrote:
Hi list, Im trying to find some good holes, that aren't major security issues,
Those are not good holes. :)
that i can create on a machine to see if our testing company really uses anything other than nessus.
This plan has a flaw: what if they don't detect the holes? It gives you no information about whether or not they use anything besides Nessus; it only tells you that they didn't detect the hole. A better plan might be to ask them which portions of their output came from tools other than Nessus. --Foofus.
Current thread:
- nessus exceptions Chris Griffin (Aug 03)
- RE: nessus exceptions Jerry Shenk (Aug 03)
- Re: nessus exceptions Andres Riancho (Aug 03)
- Re: nessus exceptions Jacco Tunnissen (Aug 09)
- Re: nessus exceptions hellNbak (Aug 03)
- Re: nessus exceptions Mr. Rufus Faloofus (Aug 03)
- Re: nessus exceptions FocusHacks (Aug 05)
- Re: nessus exceptions Stefano Zanero (Aug 10)
- Re: nessus exceptions FocusHacks (Aug 05)
- Re: nessus exceptions Paul Johnston (Aug 05)
- RE: nessus exceptions Marc Heuse (Aug 05)
- Re: nessus exceptions DokFLeed.Net (Aug 05)
- RE: nessus exceptions Jerry Shenk (Aug 09)
- RE: nessus exceptions R. DuFresne (Aug 09)
- RE: nessus exceptions Jerry Shenk (Aug 09)
- Re: nessus exceptions Pete Herzog (Aug 05)
- <Possible follow-ups>
- Re: nessus exceptions Chris McNab (Aug 05)
- Re: nessus exceptions H Carvey (Aug 05)
(Thread continues...)