[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Live Penetration Testing.

2009/10/21 Mike Mestnik <cheako@visi.com>:
> Are there any applications or projects to provide this *badly needed
> service? I'm willing to assist in using or putting together an nmap
> type applications that scans for known vulnerabilities and attempts to
> make use of them for security awareness and _,*"prof"*,_ of concept
> means.
> Rant:
> * Too often are PCI compliance testings coming up with false positives
> based on server provided version data.  No matter how many times it's
> spelled out that "These are to be used by authorized/allowed
> applications(to discover usable features or avoid version conflicts)
> and not by malicious applications.", there is always some one who is
> happy for me to change(With the approval of BOFH) the reported version
> to 0.0.0.
> --
> To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

You should try Backtrack


Matteo Filippetto

Reply to: