OT: vulnerability scanner
Jamie Bohr
jamiebohr at gmail.com
Wed Aug 10 19:25:27 UTC 2005
Thank you, I have looked at Nessus however from what I can tell it does not
do vulnerability scanning like tara, for instance: checking permissions on
.rhosts files, looking for world writable system directories ....
I was trying Nessus this morning and it would not compile on FC3, I get
error
$ make
cd nessus && make
make[1]: Entering directory `/tmp/nessus-core/nessus'
gcc -g -O2 `sh ./cflags` -c xstuff.c
xstuff.c:32:21: gtk/gtk.h: No such file or directory
In file included from xstuff.c:35:
.
.
.
I am trying to work through that though.
Thank you again,
Jamie Bohr
On 8/10/05, Rick Stevens <rstevens at vitalstream.com> wrote:
>
> Scot L. Harris wrote:
> > On Wed, 2005-08-10 at 14:41, Jamie Bohr wrote:
> >
> >>I know this is off topic but ...
> >>
> >>I am looking to a vulnerability scanner for UNIX. Currently we (the
> >>company I work for) are using TARA and have come to the conclusion
> >>that either we need to switch to something else or give TARA a major
> >>overhaul. Before we went down updating TARA I thought I would see
> >>what else was out there that could be a direct TARA replacement and
> >>possibly have more features, central reporting be one of them.
> >>
> >>Thank you for you time,
> >> Jamie Bohr
> >
> >
> > Are you looking for something like nessus? You can get some fairly
> > comprehensive web based reports from nessus for the systems on your
> > network.
>
> Yes, nessus is good, but beware of false positives from nessus. It may
> report that you have package foobar-X.Y which has a certain
> vulnerability, when in fact you have foobar-X.Y-xx.yy where that has
> been fixed. Nessus doesn't necessarily know about fixes in incremental
> releases. It looks at the signon message or behaviour of the program
> and bases its recommendations on that. Just wanted you to be aware of
> that.
>
> You can also use nmap to portscan your systems and see which ports a
> given machine is listening on. We also use portsentry and snort to
> watch things go bump on the network, as well as firewalling the kapok
> out of things.
> ----------------------------------------------------------------------
> - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
> - VitalStream, Inc. http://www.vitalstream.com -
> - -
> - Never test for an error condition you don't know how to handle. -
> ----------------------------------------------------------------------
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050810/1f40ab22/attachment-0001.htm>
More information about the fedora-list
mailing list