Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: How do VA scans work technically
From: Killy <killfactory () gmail com>
Date: Wed, 9 Jul 2008 01:37:23 -0400

Nessus can ne configured to perform safe scans. It will still for blank root, as and administrator passwords under that config.

So, it depends on your definition of exploit :)

Nessus can also be configured to prrerform brute force attacks using a hydra plugin/module

You also perform thorough tests/scans.

I have feeling that you are wanting to if nessus and qualys operate like metasploit, canvas or other exploit frameworks.

I would say no. But nessusbis very flexible and you can customize It and create your own plugin to do just about anything.

There is plenty of documentation and help online.

Sent from my iPod

On Jul 8, 2008, at 4:02 PM, "Aseem Kumar" <kumaraseem () gmail com> wrote:

Hey,

Can someone tell me (any weblink , any ebook, or direct answers) as to
how the VA scans like those of Qualys or Nessus work?

How do they find the vulnerabilities of a system without ever exploiting it?

Regards
Aseem

--- ---------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
--- ---------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault