RE: I want to test my firewall from the outside-- [on/off]line scanners

To: <debian-security@lists.debian.org>
Subject: RE: I want to test my firewall from the outside-- [on/off]line scanners
From: "Jeff Bonner" <jeff@integralogic.com>
Date: Thu, 14 Feb 2002 17:48:42 -0500
Message-id: <[🔎] 003401c1b5a9$c0738060$0200a8c0@JEFF>
In-reply-to: <[🔎] Pine.LNX.3.96.1020214141622.9422A-100000@Maggie.Linux-Consulting.com>

On 15 Feb 2002 05:20 PM, Alvin Oga wrote:

> its nice that nmap says that port 25 is open for your mail server...
> but ... i'd like it to tell me that sendmail/exim is vulnerable or not
> ( at least the latest/greatest version with latest/greatest buggs  )

AFAIK, the SecuritySpace scanner is the only one online that will
actually examine the ports open then run vulnerability tests against
those.  In fact they're adding new ones all the time.  As for
HackerWhacker, it seems to give you some basic info based on services
running that are historically dangerous IIRC.

Regarding nmap, yeah it doesn't tell you a whole lot about how to
exploit the box, just where to start.  Guess someone should have
mentioned that.  ;)  Then again Nessus looks like it does, but I haven't
used it.

Speaking of exim, your wish may come true.  ;)

Jeff Bonner

Reply to:

References:
- RE: I want to test my firewall from the outside-- [on/off]line scanners
  - From: Alvin Oga <aoga@Maggie.Linux-Consulting.com>

Prev by Date: RE: I want to test my firewall from the outside-- [on/off]line scanners
Next by Date: Re: Un-installing inetd on Woody.
Previous by thread: RE: I want to test my firewall from the outside-- [on/off]line scanners
Next by thread: Re: I want to test my firewall from the outside
Index(es):
- Date
- Thread