Results 1 to 7 of 7
-
11-04-2003, 11:57 AM #1Junior Guru Wannabe
- Join Date
- Apr 2003
- Posts
- 82
What tools do you use for security threat assesments?
One of my personal faviorates is nessus vunrability scanner. ^^
Im just curious to see others experiences with other tools.
-
11-04-2003, 12:28 PM #2Aspiring Evangelist
- Join Date
- Apr 2003
- Location
- Lebanon, PA
- Posts
- 420
Only use nessus at work. Nmap is good for a quick port scan though.
-
11-05-2003, 10:20 PM #3Junior Guru Wannabe
- Join Date
- Apr 2003
- Posts
- 82
Yeah, nmap is not so bad, id prob get in trouble for installing that with a webhost though =P
-
11-06-2003, 07:19 AM #4Web Hosting Master
- Join Date
- Apr 2003
- Location
- UK
- Posts
- 2,569
doesnt relaly do a security threat assessment
for those i use humans
-
11-06-2003, 03:07 PM #5Web Hosting Master
- Join Date
- Feb 2003
- Location
- Detroit
- Posts
- 860
An experience adminitrator with a completment of tools such as nmap is your best advisor.
Experience will catch the little pitfalls not 'detected' with scans. But, there is no such thing as a secure enviroment unless the machine is turned off. The rest is just reasonable degree's of security.
-
11-07-2003, 01:38 PM #6Junior Guru Wannabe
- Join Date
- Apr 2003
- Posts
- 82
Yes i agree, but does an experienced administrator for example want to check every file and directory on a server for badly thought out permissions?
What other tools do you find useful?
-
11-07-2003, 05:33 PM #7Web Hosting Master
- Join Date
- May 2003
- Location
- Philadelphia
- Posts
- 970
experience is the most useful tool you can have.
Some automated tools to look at are
Nessus,
xprobe,
nmap,
netcat/nc
Actual exploits
.... the list is huge.
The tools are really not as important as understanding the methodology of security testing and assessment.
You shoudl really check out the OSSTMM - Open Source Security Testing Methodology Manual
http://www.isecom.org/projects/osstmm.htmhttp://www.eBoundary.com - Let us help you expand your eBoundaries!
Fast, Secure and reliable FreeBSD shared, reseller and dedicated hosting.
FREE Peace of mind with every account!