RE: Top 10 vulnerabilities and open ports.

From: Kevin Hodle (kevinh@aos5.com)
Date: Mon Apr 07 2003 - 21:19:38 EDT


Just wondering how you selected the IP ranges you scanned in your
'survey'. A Nessus scan sets off a very nasty list of IDS signatures,
and if a dedicated monitoring service (or a decent IDS analyst) was
watching, your IP surely would have been reported to your ISP on more
than one occasion. Since you were probably not authorized to be
scanning these IPs, were you reprimanded at all?

 
Kevin Hodle
CCNA, Network+, A+
Alexander Open Systems
Network Operations Center
(913)-307-2367
kevinh@aos5.com

-----Original Message-----
From: Alex Zimin [mailto:alex@inprotect.com]
Sent: Sunday, April 06, 2003 8:15 AM
To: pen-test@securityfocus.com
Subject: Top 10 vulnerabilities and open ports.

Inprotect.com made available top 10 vulnerabilities and top 10 open TCP
ports reports based on the results of the free security scans performed
from its site since October 2002.

Reports are based on the results of tests performed using the Nessus
security scanner. Nessus scans were configured to test common TCP ports
with all safe non-DoS checks enabled. Tests were performed over time
with the 1.2.5 - 2.0.1 versions of the Nessus security scanner. Since
October 2002, 936 systems were tested 1192 times (some systems were
tested more than once). Security scan results show that over 19,000
security vulnerabilities were found, or close to 16 vulnerabilities
found per scan (these numbers include open ports). These reports may
contain some false positive results, but it's impossible to determine
the number of false positives at this time.

Top 10 vulnerabilities and open TCP ports reports are also available for
the period of the last 30 days, which may show statistics on newly
discovered vulnerabilities. The top 10 vulnerabilities reports are
grouped by Nessus risk factor, CVE ID, CVE ID (candidates) and Bugtraq
ID.

The report data may be useful for security professionals or for
preparing research on the most common vulnerabilities.

Top 10 vulnerabilities and open ports reports:
http://www.inprotect.com/modules.php?op=modload&name=Nessus&file=reports

Alex Zimin
Inprotect.com
alex@inprotect.com




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:31 EDT