Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Privilege separation

from [McKechnie, Grant (Contractor)] Network Security [Permanent Link]
Subject: RE: Privilege separation
Date: Fri, 27 Aug 2004 12:14:21 +1000 


There are tools out there that givr excellent user controls. We have
purchased lightning to do this from tennable security and thanks to the
team at Tennable we are closely involved with the developmentof the
product and will be able to scan some 235K nodes from a single console.
It is becoming more and more mature with every release. 

So there are option to control the users. We faced the same issues
mentioned below and sorted it with a bit of cash and effort.

G./


-----Original Message-----
From: Max [mailto:reply.to.newsgroup@mozilla.org] 
Sent: 26 August 2004 17:02
To: eric
Cc: nessus@list.nessus.org
Subject: Re: Privelege separation

Well said Michel.

Eric,

You're inconsistent with your postings. On the Nessus list you talk
about a dumb admin who scans a /20 network and on the Nmap list, you
complain about the performance of Nmap when scanning a couple of /20
networks.

BTW, looking at what your company does, aren't you by any chance
scanning your hosted customer's networks ? Without their permission ?

I suggest you get your act together and follow the list charter.


--
M@x


eric wrote:

The point I'm making is that I'd like to see more protections
against the folks who are actually authorized to use it; do I trust
Joe-Admin who scans his network 15 times an hour (his /20, at that)
to not be an idiot? No.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus


-------- Original Message --------
Subject: Strange 3.59ALPHA3
Date: Fri, 20 Aug 2004 15:14:08 -0500
From: eric <eric-list-nmap@catastrophe.net>
Organization: Catastrophe.Net <http://www.catastrophe.net/>
To: Nmap-dev <nmap-dev@insecure.org>

So I've been beating up a few /20's all day here testing the latest
alpha. Unfortunately, I've found that the scans seem to take 2-3
times longer than a normal scan would using 3.55. Even using
parallel scans seems to be slow.

What can I do to show comparisons, send a -dd output?

Thanks.

- Eric

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help@insecure.org . List archive: http://seclists.org

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Wrong protocol for racoon_cookie_malloc_dos.nasl, George Theall
Next by Date:  Re: Privilege separation, eric
Previous by Thread:  FP on apache_chunked_encoding.nasl, Jason Haar
Next by Thread:  Re: Privilege separation, eric
Indexes:  [Date] [Thread] [Top] [All Lists]