Home page logo
/

pauldotcom logo PaulDotCom mailing list archives

Re: Vulnerability Scanners
From: "Albert R. Campa" <abcampa () gmail com>
Date: Wed, 1 Sep 2010 09:07:41 -0500

A nessus pro feed will let you do that same DOD audit in a non intrusive way
via credentialed scan. Dont know how Nexpose or others work in that regard,
i assume the same way.

__________________________________
Albert R. Campa


On Wed, Sep 1, 2010 at 7:14 AM, Herndon Elliott <alabamatoy () gmail com>wrote:

Date: Tue, 31 Aug 2010 10:02:26 -0600
From: Andrew Anderson <andycapp92 () gmail com>
Subject: vulnerability scanners
...
Does anyone have any suggestions for a  third contender for my list?
gold disc and SRRs.  http://iase.disa.mil/stigs/index.html and
http://iase.disa.mil/stigs/faq.html

Pros: Free, updated, widely used throughout DoD, produce useable results,
all moving slowly to XML basis and VMS output
Cons: Clunky, quirky (but pretty effective), requires DoD PKI cert for
access, some of the checks are manual/interview

Caution, do NOT use the "remediate" button in gold disc or you *will* brick
the box!

Herndon Elliott
Madison, Al
"Fathom the odd hypocrisy that Obama wants every citizen to prove they are
insured, but people don't have to prove they are citizens". ~ Ben Stein

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]