RE: Online Scanning Services Vrs. Stand Alone Applications

From: Filipe Custodio (filipe.custodio@novabase.pt)
Date: Thu Feb 27 2003 - 05:41:28 EST


 
-----BEGIN PGP SIGNED MESSAGE-----

> The second part of the question is, are there any technical
> advantages between the two setups? I understand this overlaps with
> the first question but I ask this after having searched for good
> writeups and came out with very little.

- From what I have seen, the main difference is that stand alone
applications tend to be a lot more thorough, deploying tests of an
aggressive nature an online scanner simply cannot afford.

On the other hand, online scanning is usually a lot easier to use,
being targeted at the end user. Stand alone vulnerability scanners
should be used by qualified auditors only. I have seen a couple of
crashes and system instability caused by vulnerability scanners like
Nessus or eEye Retina.

Still, the main advantage of stand alone vulnerability scanners is
that they can be deployed anywhere (DMZ, intranet, etc.), while
online scanning is limited to the Internet perimeter.

Just my €0,02

- --
Filipe Custodio
CISSP, GSNA
Senior Security Consultant


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:29 EDT