Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Full-Disclosure] Top 15 Reasons Why Admins Use Security Scan ners

from [Ron DuFresne] Network Security [Permanent Link]
Subject: RE: [Full-Disclosure] Top 15 Reasons Why Admins Use Security Scan ners
Date: Fri, 30 Apr 2004 11:48:01 -0500 (CDT) 
On Wed, 28 Apr 2004, Starford, Christopher D. wrote:


Harlan,

I believe many true IT Security Auditors out there would agree that your
wrong on this one.




Yet, audits in the corp env's tend to focus not on IT nor security, but
bean-counting.  I've seen as HYarlan mentions that the vast majority of
auditors have been of the finnancial category, and clueless about IT and
it's processes and such.  Now, this is not the auditors fault, but
managments, as well as that of the partnering companies that make the
request and hire in the wrong folks.

Of course then there are the snack-oil IT folks, those that pentest and
such with a point and click tool and canned report.  A thourough IT sec
audiit requires that the audirot become familiar with the org being
audited and actually look into system configs.  There are many issues in
how systems are confuifugered that a point and launch tool are not going
to uncover and a canned report will not mention.

Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Full-Disclosure] Top 15 Reasons Why Admins Use Security Scan ners, Ron DuFresne
Next by Date:  [Full-Disclosure] RE: Incoming Msg, Technoboy
Previous by Thread:  RE: [Full-Disclosure] Top 15 Reasons Why Admins Use Security Scan ners, Ron DuFresne
Next by Thread:  RE: [Full-Disclosure] Top 15 Reasons Why Admins Use Security Scan ners, Stuart Fox (DSL AK)
Indexes:  [Date] [Thread] [Top] [All Lists]