Results 1 to 7 of 7
  1. #1

    What tools do you use for security threat assesments?

    One of my personal faviorates is nessus vunrability scanner. ^^

    Im just curious to see others experiences with other tools.

  2. #2
    Join Date
    Apr 2003
    Location
    Lebanon, PA
    Posts
    420
    Only use nessus at work. Nmap is good for a quick port scan though.

  3. #3
    Yeah, nmap is not so bad, id prob get in trouble for installing that with a webhost though =P

  4. #4
    Join Date
    Apr 2003
    Location
    UK
    Posts
    2,569
    doesnt relaly do a security threat assessment

    for those i use humans

  5. #5
    Join Date
    Feb 2003
    Location
    Detroit
    Posts
    860
    An experience adminitrator with a completment of tools such as nmap is your best advisor.

    Experience will catch the little pitfalls not 'detected' with scans. But, there is no such thing as a secure enviroment unless the machine is turned off. The rest is just reasonable degree's of security.

  6. #6
    Yes i agree, but does an experienced administrator for example want to check every file and directory on a server for badly thought out permissions?

    What other tools do you find useful?

  7. #7
    Join Date
    May 2003
    Location
    Philadelphia
    Posts
    970
    experience is the most useful tool you can have.

    Some automated tools to look at are

    Nessus,
    xprobe,
    nmap,
    netcat/nc
    Actual exploits
    .... the list is huge.

    The tools are really not as important as understanding the methodology of security testing and assessment.

    You shoudl really check out the OSSTMM - Open Source Security Testing Methodology Manual
    http://www.isecom.org/projects/osstmm.htm
    http://www.eBoundary.com - Let us help you expand your eBoundaries!
    Fast, Secure and reliable FreeBSD shared, reseller and dedicated hosting.
    FREE Peace of mind with every account!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •