Penetration Testing mailing list archives

RE: Unix auditing tools - Windows based.

From: "Robert Stull" <rstull () eeye com>
Date: Fri, 23 Jun 2006 08:32:22 -0700

Retina does a good job from Windows boxen to UNIX/Linux also. Introduced privileged scans over SSH last year. 

Yes, I'm a little biased

Doc
_____________________________
Robert Stull
Product Manager
eEye Digital Security
Vulnerability Management Solutions
T.949.900.4175
M.706.294.5812
rstull () eeye com 
 
Attend an eEye Event: eEye Digital Security hosts and participates in regional, local and online events around the 
world.  To view a listing of these events, please visit www.eeye.com/events and register for one today!
 

Important Notice: This email is confidential, may be legally privileged, and is for the intended recipient only.  
Access, disclosure, copying, distribution or reliance on any of it by anyone else is prohibited and may be a criminal 
offense.  Please delete if obtained in error and email confirmation to the sender.   


-----Original Message-----
From: Nick Besant [mailto:Nick.Besant () ioko com] 
Sent: Thu, 22 Jun 06 07:41
To: Serge Vondandamo
Cc: pen-test () securityfocus com
Subject: RE: Unix auditing tools - Windows based.

I'm not sure if you're after native Win32 apps or not, but;

You can run the SARA suite[1] under Windows using coSARA[2], which uses co-operative linux[3] to package the 
application for Windows.  You could also run quite a few linux/unix based tools under either co-op linux or Cygwin[4].

HTH,

Nick Besant

[1] http://www-arc.com/sara
[2] http://www-arc.com/sara/cosara/index.shtml
[3] http://www.colinux.org/
[4] http://www.cygwin.com/

-----Original Message-----
From: Gareth Davies [mailto:gareth.davies () mynetsec com] 
Sent: 22 June 2006 04:50
To: Serge Vondandamo
Cc: pen-test () securityfocus com
Subject: Re: Unix auditing tools - Windows based.

The best I can recommend is running Linux in a VMWare 
environment on your machine with Nessus server running in it, 
then run the graphical client on Windows.

Also for ISS Internet Security Scanner very good for UNIX 
systems Nessus best for Linux systems.

Cheers

Serge Vondandamo wrote:

Thanks but LSAT is nix based and I am looking for a Windows

tool that

can audit Unix/linux.

As for Symantec and CA products, they are expensive. 

Thanks,
Serge

-----Message d'origine-----
De : Alexandre Cezar [mailto:acezar () opencs com br] Envoyé :

vendredi 9

juin 2006 01:29 À : MARTIN Benoni; Serge Vondandamo; 
pen-test () securityfocus com Objet : RES: Unix auditing tools

- Windows

based.

If you're looking for commercial tools for auditing

porpuses, try to

take a look on Symantec Enterprise Security Manager or Computers 
Associate eTrust Audit
 
If you're looking for free tool, search for LSAT, I belive it's 
located at http://usat.sourceforge.net/
 
Regards


-----Message d'origine-----
De : Serge Vondandamo [mailto:serge.vondandamo () wanadoo fr]
Envoyé : jeudi 8 juin 2006 01:33
À : pen-test () securityfocus com
Objet : Unix auditing tools - Windows based.

All,

Can I am looking for a graphical windows tool that can audit a 
unix/linux system and generate report in word, PDF,

PowerPoint, etc. any pointers?


Thanks,
Serge



--
Gareth Davies - ISO 27001 LA, OPST

Manager - Security Practice

Network Security Solutions MSC Sdn. Bhd.
Suite E-07-21, Block E, Plaza Mont' Kiara, No. 2 Jalan Kiara, 
Mont' Kiara, 50480 Kuala Lumpur, Malaysia
Phone: +603-6203 5303 or +603-6203 5920

www.mynetsec.com


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------

Current thread:

RE: Unix auditing tools - Windows based. MARTIN Benoni (Jun 08)
- <Possible follow-ups>
- RE: Unix auditing tools - Windows based. Michael Gargiullo (Jun 08)
  - Re: Unix auditing tools - Windows based. Morning Wood (Jun 09)
- Re: Unix auditing tools - Windows based. Michael Werwein (Jun 08)
- RE: Unix auditing tools - Windows based. Damien Dinh (Jun 09)
  - SV: Unix auditing tools - Windows based. Niklas Blomquist (Jun 09)
- RE: Unix auditing tools - Windows based. Michael Gargiullo (Jun 20)
  - Subject: 2006 Tool Survey Released - SecTools.Org Michael Painter (Jun 21)
- RE: Unix auditing tools - Windows based. Nick Besant (Jun 22)
  - RE: Unix auditing tools - Windows based. Robert Stull (Jun 23)