Security Hero » Nessus

Vulnerability Assessment

invalid string — Sun, 24 May 2009 11:34:37 +0000

Vulnerability Assessment

Posted by mamo on May 24

Hi all,

I have not done VA for a couple of years and now need again to do this
for a medium size company. Nessus became commercial (also if it is
possible to use it for limited activity). Some other free/OS software
went commercial. I am not going to do full pen-test, just want to
check for…

URL: http://seclists.org/fulldisclosure/2009/May/0194.html

Windows Patch Auditing amp quotFile and Print Sharingquot disabled

invalid string — Thu, 30 Apr 2009 18:35:52 +0000

Re: Windows Patch Auditing amp quotFile and Print Sharingquot disabled

Posted by Mike Drugov on Apr 30

Alright

List of tools that failed

Nessus
FoundStone
GFI
MBSA

Please keep in mind that on remote nodes "Windows Update Service" is disabled and stopped as well as "Client for File & Print Sharing" is uninstalled

I think my last resort will be to run WMI scripts pull…

URL: http://seclists.org/pen-test/2009/Apr/0195.html

Vulnerability vs. Pen test

invalid string — Fri, 24 Apr 2009 13:15:53 +0000

RE: Vulnerability vs. Pen test

Posted by Nick Vaernhoej on Apr 24

James,

My question would be, how do you think Nessus can be considered a penetration test?

A penetration test is not "a tool". A penetration test is an arsenal of tools combined with technical expertise of the wielder of the tools.
A penetration test is having someone with a knack…

URL: http://seclists.org/pen-test/2009/Apr/0152.html

Vulnerability vs. Pen test

invalid string — Wed, 22 Apr 2009 20:41:52 +0000

Vulnerability vs. Pen test

Posted by jlay_at_slave-tothe-box.net on Apr 22

So part of PCI DSS requirements are for a quarterly vulnerability
assessment, and a yearly pentest. My question is: is Nessus considered
just a vulnerability scanning app? Thanks.

James

————————————————————————
This list is sponsored by:…

URL: http://seclists.org/pen-test/2009/Apr/0139.html

- Security Database Tools Latest updates

invalid string — Thu, 09 Apr 2009 13:47:11 +0000

[Tools Updates] – Security Database Tools Latest updates

Posted by SD List on Apr 9

Find these news live from www.security-database.com/toolswatch/

[+] Nessus version 4.0 released

Nessus is the world’s most popular vulnerability scanner used in over
75,000 organizations world-wide. Many of the world’s largest organizations
are realizing significant cost…

URL: http://seclists.org/pen-test/2009/Apr/0059.html

Federally Mandated Certification of cybersecurity professionals?

invalid string — Fri, 03 Apr 2009 13:54:27 +0000

Re: Federally Mandated Certification of cybersecurity professionals?

Posted by Louis Brooks on Apr 03

A nationally recognized certification program could lead to a more
professional view of our field. Right now anyone with a laptop, nmap and
Nessus can call themselves a cybersecurity professional. A minimum
standard would at least lend some creditability to the title. It would
also allow…

URL: http://seclists.org/pen-test/2009/Apr/0014.html

Alternatives to Nessus

invalid string — Tue, 24 Mar 2009 13:21:05 +0000

RE: Alternatives to Nessus

Posted by Shenk Jerry A on Mar 24

Have you ever used NetSonar – oh my goodness…my personal
recommendation…don’t even waste time looking for it!

—–Original Message—–

On Behalf Of Neo
Sent: Sunday, March 22, 2009 6:14 AM

Alternatives to Nessus

invalid string — Fri, 20 Mar 2009 14:01:06 +0000

Alternatives to Nessus

Posted by jond on Mar 20

Has anyone found any good alternatives to Nessus?
I’ve played around with OpenVAS with their backtrack build, but either
it’s not pulling all the plugins, or it’s just not as accurate as
Nessus.

Anyone have different experiences with OpenVAS, or know of anything
else I might look at?

Thanks…

URL: http://seclists.org/pen-test/2009/Mar/0104.html