RE: distributed scanning

From: Laing, Brian (brian.laing@redseal.net)
Date: Mon Oct 31 2005 - 11:43:00 EST

• Next message: RSMC: "Risk metrics"
• Previous message: Todd Towles: "RE: Sniffing on a switch"
• Maybe in reply to: Laing, Brian: "distributed scanning"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Andy,
        Thanks for the information. I did see the thread on scanning a Class A network, that is the sort of issues I am looking to talk to people about. I am not looking for product info to do the distributed scanning. I actually built a distributed scanner based on a webserver and the first incarnation of ISS way back in 95/96. Right now what I am looking for is to find out what are the issues people are facing now 10 years later that require a distributed scanner.
        We are building a product that may help with this as a by product of what we are building. So I want to find what issues people are facing when they do distributed scanning, and are people using this or still relying on the changing of the network to allow the scanner broader coverage.
        I will keep you apprised of any new technology I find.

Cheers,
Brian

-------------------------------------------------------------------

Brian Laing

Chief Security Technology Officer

Cellphone: +1 650.280.2389

VOIP Telephone: +1.650.232.0132

eFax: +1 650.249.3443

-------------------------------------------------------------------

This email and any attachments thereto may contain private, confidential, and privileged material for the sole use of the intended recipient. Any review, copying, or distribution of this email (or any attachments thereto) by others is strictly prohibited. If you are not the intended recipient, please contact the sender immediately and permanently delete the original and any copies of this email and any attachments thereto.

________________________________

-----Original Message-----
From: Talisker [mailto:lists@securitywizardry.com]
Sent: Saturday, October 29, 2005 2:13 PM
To: Laing, Brian; pen-test@securityfocus.com
Subject: RE: distributed scanning

Brian,
There was a very recent thread regarding the scanning of a Class A network,
I mentioned that we maintain details on every distributed scanner here
http://www.securitywizardry.com/dist.htm However, it has been a little
neglected of late therefore I would appreciate any information about missing
products that you encounter in your quest.

Cheers

Andy Cuff
http://www.securitywizardry.com

07010 709014
 

> -----Original Message-----
> From: Laing, Brian [mailto:brian.laing@redseal.net]
> Sent: 28 October 2005 16:07
> To: pen-test@securityfocus.com
> Subject: distributed scanning
>
> I am working on a project to look at % coverage and issues around
> distributed scanning.  I would love if people could chime in with answers
> to a few questions.  For those of you using distributed scanning, how many
> scanners are you using?  Are you placing scanners on each subnet, or are
> you opening routes to subnets to be scanned.  What difficulties are people
> running into when trying to distribute scanners.  What help could you use
> in managing this data or the scanners themselves.
>
> If you want to reply to me offline, I would be happy to hide the names of
> the innocent and the guilty J, and resend any of my findings to this list.
>
> Cheers,
> Brian
>
> -------------------------------------------------------------------
>
> Brian Laing
>
> Chief Security Technology Officer
>
> Cellphone: +1 650.280.2389
>
> VOIP Telephone: +1.650.232.0132
>
> eFax: +1 650.249.3443
>
> -------------------------------------------------------------------
>
> This email and any attachments thereto may contain private, confidential,
> and privileged material for the sole use of the intended recipient. Any
> review, copying, or distribution of this email (or any attachments
> thereto) by others is strictly prohibited. If you are not the intended
> recipient, please contact the sender immediately and permanently delete
> the original and any copies of this email and any attachments thereto.
>
> ________________________________
>
>
> --------------------------------------------------------------------------
> ----
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
> are
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
> hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------------------
> -----

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: RSMC: "Risk metrics"
• Previous message: Todd Towles: "RE: Sniffing on a switch"
• Maybe in reply to: Laing, Brian: "distributed scanning"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:07 EDT