RE: Unix auditing tools - Windows based.

From: Robert Stull (rstull@eeye.com)
Date: Fri Jun 23 2006 - 11:32:22 EDT

• Next message: mikathebest2003@yahoo.de: "Re: Unsecure webapps, servers, see how hacker works (Part 2)"
• Previous message: Jezebel Ali: "Re: Conducting Risk Assessment for VOIP and Thin Client"
• In reply to: Nick Besant: "RE: Unix auditing tools - Windows based."
• Next in thread: David M. Zendzian: "RE: Some new SSH exploit script?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Retina does a good job from Windows boxen to UNIX/Linux also. Introduced privileged scans over SSH last year.

Yes, I'm a little biased

Doc
_____________________________
Robert Stull
Product Manager
eEye Digital Security
Vulnerability Management Solutions
T.949.900.4175
M.706.294.5812
rstull@eeye.com
 
Attend an eEye Event: eEye Digital Security hosts and participates in regional, local and online events around the world. To view a listing of these events, please visit www.eeye.com/events and register for one today!
 

Important Notice: This email is confidential, may be legally privileged, and is for the intended recipient only. Access, disclosure, copying, distribution or reliance on any of it by anyone else is prohibited and may be a criminal offense. Please delete if obtained in error and email confirmation to the sender.

-----Original Message-----
From: Nick Besant [mailto:Nick.Besant@ioko.com]
Sent: Thu, 22 Jun 06 07:41
To: Serge Vondandamo
Cc: pen-test@securityfocus.com
Subject: RE: Unix auditing tools - Windows based.

I'm not sure if you're after native Win32 apps or not, but;

You can run the SARA suite[1] under Windows using coSARA[2], which uses co-operative linux[3] to package the application for Windows. You could also run quite a few linux/unix based tools under either co-op linux or Cygwin[4].

HTH,

Nick Besant

[1] http://www-arc.com/sara
[2] http://www-arc.com/sara/cosara/index.shtml
[3] http://www.colinux.org/
[4] http://www.cygwin.com/

> -----Original Message-----
> From: Gareth Davies [mailto:gareth.davies@mynetsec.com]
> Sent: 22 June 2006 04:50
> To: Serge Vondandamo
> Cc: pen-test@securityfocus.com
> Subject: Re: Unix auditing tools - Windows based.
>
> The best I can recommend is running Linux in a VMWare
> environment on your machine with Nessus server running in it,
> then run the graphical client on Windows.
>
> Also for ISS Internet Security Scanner very good for UNIX
> systems Nessus best for Linux systems.
>
> Cheers
>
> Serge Vondandamo wrote:
> > Thanks but LSAT is nix based and I am looking for a Windows
> tool that
> > can audit Unix/linux.
> >
> > As for Symantec and CA products, they are expensive.
> >
> > Thanks,
> > Serge
> >
> > -----Message d'origine-----
> > De : Alexandre Cezar [mailto:acezar@opencs.com.br] Envoyé :
> vendredi 9
> > juin 2006 01:29 À : MARTIN Benoni; Serge Vondandamo;
> > pen-test@securityfocus.com Objet : RES: Unix auditing tools
> - Windows
> > based.
> >
> > If you're looking for commercial tools for auditing
> porpuses, try to
> > take a look on Symantec Enterprise Security Manager or Computers
> > Associate eTrust Audit
> >
> > If you're looking for free tool, search for LSAT, I belive it's
> > located at http://usat.sourceforge.net/
> >
> > Regards
> >
> >
> > -----Message d'origine-----
> > De : Serge Vondandamo [mailto:serge.vondandamo@wanadoo.fr]
> > Envoyé : jeudi 8 juin 2006 01:33
> > À : pen-test@securityfocus.com
> > Objet : Unix auditing tools - Windows based.
> >
> > All,
> >
> > Can I am looking for a graphical windows tool that can audit a
> > unix/linux system and generate report in word, PDF,
> PowerPoint, etc. any pointers?
> >
> > Thanks,
> > Serge
> >
> >
>
>
> --
> Gareth Davies - ISO 27001 LA, OPST
>
> Manager - Security Practice
>
> Network Security Solutions MSC Sdn. Bhd.
> Suite E-07-21, Block E, Plaza Mont' Kiara, No. 2 Jalan Kiara,
> Mont' Kiara, 50480 Kuala Lumpur, Malaysia
> Phone: +603-6203 5303 or +603-6203 5920
>
> www.mynetsec.com

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------

• Next message: mikathebest2003@yahoo.de: "Re: Unsecure webapps, servers, see how hacker works (Part 2)"
• Previous message: Jezebel Ali: "Re: Conducting Risk Assessment for VOIP and Thin Client"
• In reply to: Nick Besant: "RE: Unix auditing tools - Windows based."
• Next in thread: David M. Zendzian: "RE: Some new SSH exploit script?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:10 EDT