Security Basics mailing list archives

SV: Security scanning tools
From: "Kim Guldberg" <kim () bufferzone dk>
Date: Tue, 16 Dec 2003 15:23:52 +0100

In my world you are covered pretty nicely. Nessus is a good tool that
will find most problems; often it will report some false positives, and
you should always manually validate Nessus finds, positive and negative.

One thing you should consider is patch management. You should always
keep track of which patches you have applied to which systems in what
My advice is, keep a logbook for all your servers, where you note the
patches and when they are applied. You should also keep track of all
configuration changes and all other relevant system tweaking.

Use the tools to point to what you need to manually verify, keep track
of what you have done, that way you will be on top of most things.

Yes they are, and better false positives than false negatives.

Kim Guldberg  

My questions to the group are:
1. What tool[s] should I look to buy that correctly reports
vulnerabilities with the least false positives?
2. Are false positives a known [feature] of all scanning tools?

