RE: Know such a web's server tool? -- huh

From: Paul Vet (paul.vet@baldhead.com)
Date: Tue Jul 22 2003 - 12:37:19 EDT


> > okay.... i'll bite ... why does everybody/somebody think that "pen-test"
> > means to run a port scan w/ nmap/nessus .. etc ..
>
> Exactly this is the reason why penetration testing isn't only running of
> nmap/nessus/iss/whatever, but more important - interpretation of results and
> additional steps taken.
>
> Everyone can run tools, but only people who understand things can interpret
> their results and find additional possible or existing security problems.

Agreed. However, anybody can just run the tools and say "oh crap, I'm
terribly vulnerable" and maybe, just maybe, they'll go to Windows Update and
we'll have one less machine spreading the next big worm.

To go back in time a little, the original poster asked for a tool to
enumerate hosts, scan them for vulnerabilities, and attempt to exploit them.
I think we're all aware that that does not make a full pen-test, but it
could have many uses. It could be that he's just become aware of security
issues and wants to do a quick test of his LAN. Perhaps he's a black-hat
trying to expand his bot-net. Who knows?

I do think that it's important that we not just dismiss Nessus with "that's
not a real pen-test." It's true, it isn't a full pen-test, but it doesn't
claim to be. What it does do is give the end user a bit of a chance. Most
people can't afford to either a) learn how to do a complete pen-test, or b)
hire a team. Tools like Nessus are the first step in getting joe-user to
secure his box.

Paul.
