Intrusion Detection Systems mailing list archives
Re: NT Host Vulnerability Scanners
From: mht () clark net (mht () clark net)
Date: Sat, 15 Jul 2000 19:00:48 -0700
Archive: http://msgs.securepoint.com/ids FAQ: http://www.ticm.com/kb/faq/idsfaq.html IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html UNSUBSCRIBE: email "unsubscribe ids" to majordomo () uow edu au WebTrends, ISS and TripWire have products available that sit and assist in baselining a particular system based on attributes a user selects or adhering some policy that compares the system against a standard or custom policy. Agents sit on a particular host monitoring for certain things and report back to a central console.. It really depends on the scope of your test. A live trial in my mind last for months on end, and encompasses at least a class 'B' network with at least variants from every single type of operating system available plus some common apps that may be running. My type of testing is similiar to those Road & Track testing.. First month, person gets the car, drives around a bit, a couple of months in the car, things start to come loose, shake , vibrate things like that. A week or two of testing may not be enough /m \At 10:02 PM 7/15/00 +0100, Talisker wrote:
Hi all I'm currently looking at host vulnerability scanners for NT networks, my main requirement is for a tool that doesn't require an agent to be installed, so far I've found STAT and SecurityExpressions (thanks Fernando) both tools seem similar but before I set them against each other on a live trial, I'm hoping once again to feed upon the experiences of the list, I'm looking for the following: 1. Is there a great advantage of using agents on each host. 2. Has anyone used either of these products and if so what did you think. 3. Are there any other products that will achieve the same aim, at a comparative cost. Product information can be found on my host scanner page at <http://www.networkintrusion.co.uk/h_scan.htm><A HREF="http://www.networkintrusion.co.uk/h_scan.<http://www.networkintrusion.co.uk/h_scan.htm";>http://www.networkintrusion.co.uk/h_scan.<http://www.networkintrusion.co.uk/h_scan.htm</A>>htm Thanks in advance Andy <http://www.networkintrusion.co.uk>www.networkintrusion.co.<http://www.networkintrusion.co.uk>uk ''' (0 0) ----oOO----(_)---------- | The geek shall | | Inherit the earth | -----------------oOO---- |__|__| || || ooO Ooo The opinions contained within this transmission are entirely my own, and do not necessarily reflect those of my employer.
Current thread:
- The CVE (WAS: RE: RE: Ramping up for another review) Greg Shipley (Jul 13)
- RE: Tivoli Cross-Site for Security (was: RE: Ramping up for anoth er r eview) Lodin, Steven {IT S~Indianapolis} (Jul 14)
- Re: RE: Tivoli Cross-Site for Security (was: RE: Ramping up for anoth er r eview) Dave Whitlow (Jul 19)
- Re: The CVE (WAS: RE: RE: Ramping up for another review) Ron Gula (Jul 14)
- Re: The CVE (WAS: RE: RE: Ramping up for another review) Dug Song (Jul 15)
- NT Host Vulnerability Scanners Talisker (Jul 15)
- Re: NT Host Vulnerability Scanners mht () clark net (Jul 15)
- Re: NT Host Vulnerability Scanners Talisker (Jul 16)
- RES: NT Host Vulnerability Scanners Marlon Jabbur (Jul 17)
- Re: RES: NT Host Vulnerability Scanners mht () clark net (Jul 17)
- Re: NT Host Vulnerability Scanners mht () clark net (Jul 15)
- RE: Tivoli Cross-Site for Security (was: RE: Ramping up for anoth er r eview) Lodin, Steven {IT S~Indianapolis} (Jul 14)
- Re: NT Host Vulnerability Scanners Carric Dooley (Jul 18)
- Re: NT Host Vulnerability Scanners Carric Dooley (Jul 18)
- JOB OPPORTUNITY Ann Pohlers (Jul 18)
- Re: JOB OPPORTUNITY John S Flowers (Jul 18)
- <Possible follow-ups>
- RE: The CVE (WAS: RE: RE: Ramping up for another review) Lodin, Steven {IT S~Indianapolis} (Jul 14)
- RE: The CVE (WAS: RE: RE: Ramping up for another review) Farrell, Dave E (Jul 14)
- Re: The CVE (WAS: RE: RE: Ramping up for another review) Greg Shipley (Jul 15)