Re: nessus exceptions

From: Mr. Rufus Faloofus (foofus@foofus.net)
Date: Tue Aug 03 2004 - 17:01:37 EDT

• Next message: Miles Stevenson: "Re: Find out the subnetting of a company"
• Previous message: Andres Riancho: "Re: nessus exceptions"
• In reply to: Chris Griffin: "nessus exceptions"
• Next in thread: FocusHacks: "Re: nessus exceptions"
• Reply: FocusHacks: "Re: nessus exceptions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Mon, Aug 02, 2004 at 01:58:13PM -0500, Chris Griffin wrote:
> Hi list,
> Im trying to find some good holes, that aren't major security issues,

Those are not good holes. :)

> that i can create on a machine to see if our testing company really
> uses anything other than nessus.

This plan has a flaw: what if they don't detect the holes? It gives
you no information about whether or not they use anything besides
Nessus; it only tells you that they didn't detect the hole.

A better plan might be to ask them which portions of their output
came from tools other than Nessus.

--Foofus.

• Next message: Miles Stevenson: "Re: Find out the subnetting of a company"
• Previous message: Andres Riancho: "Re: nessus exceptions"
• In reply to: Chris Griffin: "nessus exceptions"
• Next in thread: FocusHacks: "Re: nessus exceptions"
• Reply: FocusHacks: "Re: nessus exceptions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:58 EDT