Network Security Nessus-Users

Re: We Found the Vulnerabilities, so What Next ?!!

Subject: Re: We Found the Vulnerabilities, so What Next ?!!
Date: Fri, 17 Feb 2006 22:50:38 +0300
Dear Renaud

Thanks, you added a lot.

I totally agree with you about the concept in general (we should
assume the worst case). But this will make our life much harder.

Patching the systems is one way to manage the risk and reduce it to an
acceptable level. But sometimes it's not in our hands to apply the
necessary patches (conflict issues), is there another solution we can
use to minimize the risk?

What do you all think about this scenario:
1- Scan the system and patch any vulnerabilities related to the kernel
or port 80 service.
2- Put the web server in a zone with only port 80 open.
3- Use IPS and "Web application Firewall" before the web server.
4- Use IDS inside the zone to detect any successful attack.

By using all this together, can we say we are at an acceptable level
of risk? Do we reduce the risk of being online and using an
unpatched system as much as we would if we fully patched the system?
I know it would be better to use this scenario with a patched
system, but I would like to know, will we be at an acceptable
level without patching the system?

With Best Regards,
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
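Step 2 of the scenario above ("put the web server in a zone with only port 80 open") is only as good as the verification that nothing else is actually reachable. The following is an added example, not code from the original post or from the Nessus project: it parses scan results in nmap's grepable (-oG) line style and reports every host in the zone that exposes something other than 80/tcp. The sample scan lines, the host addresses and the "only 80/tcp" policy are all constructed for the example.

```python
"""Added example (not part of the original mailing-list post): check that
hosts in a restricted zone expose only the ports the zone policy allows.

Assumptions (constructed for this example): scan output is in nmap's
grepable (-oG) line format, and the policy is "only 80/tcp may be open".
"""
import re

# Constructed sample scan output in nmap -oG style; the hosts are not real.
# 10.0.0.5 complies with the policy, 10.0.0.6 also exposes ssh and https,
# and 10.0.0.7 was down at scan time.
SAMPLE_SCAN = """\
# Nmap scan (constructed sample, not a real run)
Host: 10.0.0.5 ()\tPorts: 80/open/tcp//http///\tIgnored State: closed (999)
Host: 10.0.0.6 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/open/tcp//https///\tIgnored State: closed (997)
Host: 10.0.0.7 ()\tStatus: Down
"""

# One port entry in the "Ports:" field looks like  80/open/tcp//http///
PORT_RE = re.compile(r"(\d+)/(\w+)/(\w+)//")

# Zone policy: only these (port, protocol) pairs may be open.
ALLOWED = frozenset({(80, "tcp")})


def parse_grepable(text):
    """Return {host: [(port, state, proto), ...]} from nmap -oG lines.

    Hosts that appear without a "Ports:" field (e.g. reported as Down)
    are kept with an empty list so they still show up in reports.
    """
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue
        host = line.split()[1]
        ports = hosts.setdefault(host, [])
        field = re.search(r"Ports: (.*?)(?:\t|$)", line)
        if not field:
            continue
        for port, state, proto in PORT_RE.findall(field.group(1)):
            ports.append((int(port), state, proto))
    return hosts


def policy_violations(hosts, allowed=ALLOWED):
    """Return {host: [(port, proto), ...]} for open ports the policy forbids."""
    violations = {}
    for host, ports in hosts.items():
        extra = sorted(
            (port, proto)
            for port, state, proto in ports
            if state == "open" and (port, proto) not in allowed
        )
        if extra:
            violations[host] = extra
    return violations


if __name__ == "__main__":
    scan = parse_grepable(SAMPLE_SCAN)
    bad = policy_violations(scan)
    for host in scan:
        status = "OK" if host not in bad else "VIOLATION " + str(bad[host])
        print(f"{host}: {status}")
```

Running this against a real -oG file from a scan launched outside the zone (the attacker's vantage point) turns the "only port 80 open" claim into something that can be re-checked after every firewall change; a host showing up in `policy_violations` means the compensating control in step 2 is not actually in place, whatever the ruleset says.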
