From: Mr. Rufus Faloofus (foofus@foofus.net)
Date: Tue Aug 03 2004 - 17:01:37 EDT
On Mon, Aug 02, 2004 at 01:58:13PM -0500, Chris Griffin wrote:
> Hi list,
> Im trying to find some good holes, that aren't major security issues,
Those are not good holes. :)
> that i can create on a machine to see if our testing company really
> uses anything other than nessus.
This plan has a flaw: what if they don't detect the holes? It gives
you no information about whether or not they use anything besides
Nessus; it only tells you that they didn't detect the hole.
A better plan might be to ask them which portions of their output
came from tools other than Nessus.
--Foofus.
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:58 EDT