Home page logo

pauldotcom logo PaulDotCom mailing list archives

Opinions on GFI LANguard
From: j2mccluggage at adelphia.net (Jody & Jennifer McCluggage)
Date: Fri, 15 May 2009 23:32:18 -0400

Hello Adrian,


We use Languard NSS.  Although I think it is a very good tool it does have a
tendency to return some false positives - like many tools - (particularly
around open ports)  and seems a tad bit sensitive on reporting vulnerability
level (if you did not know what you where doing you may think your machine
is highly vulnerable when it may not be).  I too have seen it report some
open ports that were not really open and report ports that belonged to
legitimate services as possibly being a Trojan. 


Again, I think it is a very good tool (it can also assist in patch
management and network and software auditing) as long as you follow-up on
its reporting.  This is just another example of why you cannot rely on tools
alone to secure your network. 





From: pauldotcom-bounces at mail.pauldotcom.com
[mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Adrian Crenshaw
Sent: Friday, May 15, 2009 10:02 PM
To: PaulDotCom Security Weekly Mailing List
Subject: [Pauldotcom] Opinions on GFI LANguard


I've been playing with GFI LANguard. I did a scan of one of my boxes, and it
say I have something like 19 different "Open ports commonly used by
Trojans". I did an "nmap -p 0-65535" and did not find and of the ports open
that LANGuard reported. I plan to do an AV sweap next, but does anyone have
any experiance with LANGuard? Is it prone to false positives?


No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.325 / Virus Database: 270.12.30/2115 - Release Date: 05/15/09

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090515/0819d84a/attachment.htm 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]