Re: nessus exceptions

From: H Carvey (keydet89@yahoo.com)
Date: Thu Aug 05 2004 - 13:27:49 EDT

• Next message: Tyler Durden: "Re: IWAM: Writing temp files to \winnt\temp"
• Previous message: Chris McNab: "Re: nessus exceptions"
• Maybe in reply to: Chris Griffin: "nessus exceptions"
• Next in thread: Pete Herzog: "Re: nessus exceptions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

>This plan has a flaw: what if they don't detect the holes? It gives
>you no information about whether or not they use anything besides
>Nessus; it only tells you that they didn't detect the hole.
>
>A better plan might be to ask them which portions of their output
>came from tools other than Nessus.

I like Foofus's approach. I've been involved with far too many audits and assessments (from both sides), where this technical approach to foiling or fooling the auditor ends up blowing up in your face.

If you're concerned about the tools that are used, sit down with the testing company and ask them. They should tell you.

Are you concerned that the testing company is using only one tool? Tools like this are only as good as the person who uses them. Do the testers understand the NASL scripts? Have they written their own custom scripts? If so, have any of these scripts been released back to the community (so that you can verify it)? Having a clueless operator run ISS and Nessus, rather than just one, really doesn't give you much.

• Next message: Tyler Durden: "Re: IWAM: Writing temp files to \winnt\temp"
• Previous message: Chris McNab: "Re: nessus exceptions"
• Maybe in reply to: Chris Griffin: "nessus exceptions"
• Next in thread: Pete Herzog: "Re: nessus exceptions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:58 EDT