[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Top 15 Reasons Why Admins Use Security Scan ners

To: Harlan Carvey <keydet89@xxxxxxxxx>
Subject: RE: [Full-Disclosure] Top 15 Reasons Why Admins Use Security Scan ners
From: Ron DuFresne <dufresne@xxxxxxxxxxxxx>
Date: Fri, 30 Apr 2004 11:40:02 -0500 (CDT)

On Wed, 28 Apr 2004, Harlan Carvey wrote:

        [SNIP]
>
> But there's also another way to look at the original
> comment...security is a process.  Running a
> vulnerability scanner isn't a process...it's a
> point-in-time check, a snapshot.

Ad it's not in and of itself completely that;  it's a number of potentials
that need to be hand checked for accuracy.  Scanners are not a do all tool
of complete trust, they are a tool to provide pointers, at a point-in-time
for sure.

Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] H9-0001 Advisory: Sphiro HTTPD remote heap overflow (Rosiello Security)
Next by Date: [Full-Disclosure] [waraxe-2004-SA#026 - Multiple vulnerabilities in Coppermine Photo Gallery for PhpNuke]
Previous by thread: Re: [Full-Disclosure] Innocent newbie question...
Next by thread: RE: [Full-Disclosure] Top 15 Reasons Why Admins Use Security Scan ners
Index(es):
- Date
- Thread