Home page logo
/

basics logo Security Basics mailing list archives

SV: Security scanning tools
From: "Kim Guldberg" <kim () bufferzone dk>
Date: Tue, 16 Dec 2003 15:23:52 +0100

1.
In my world you are covered pretty nicely. Nessus is a good tool, that
will finde most problems, often it will rapport some false positives and
you should always manually validate Nessus finds, positive and negative.

One thing you should consider is patch management. You should always
keep track of witch patches you have applied to which systems in what
order. 
My advice is, keep a logbook for all your servers, where you note the
patches and when they are applied. You should also keep track on all
configurative changes and all other relevant system tweaking.

Use the tools to point to what you need to manually verify, keep track
of what you have done, that way you will on top of most things

2.
yes they are, and better false positives then false negatives

Regards 
Kim Guldberg  



My questions to the group are:
1. What tool[s] should I look to buy that that correctly reports
security 
vulnerabilties with the least false positives?
2. Are false positives a known [feature] of all scanning tools?


Jack

_________________________________________________________________
Hotmail messages direct to your mobile phone
http://www.msn.co.uk/msnmobile


------------------------------------------------------------------------
---
------------------------------------------------------------------------
----





---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]