Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Effective Location For The Scan

from [Jay Jacobson] Network Security [Permanent Link]
Subject: RE: Effective Location For The Scan
Date: Thu, 20 Apr 2006 15:48:55 -0700 (MST)

[snip] 
        My research indicated that the threat was greatest from
insiders, so my suggested approach was to require that the scans be ran
from inside the network ( specifically behind the firewall.)

        Other will argue that the scans should be ran from outside the
firewall since the threats are mainly external.

[snip]

I agree with most of the thoughts on this thread, but thus far the replies have all missed a very critical point. When considering external or internal scanning, the real answer is BOTH.

A network device (router, IDS, whatever), or even the target host, may react very differently depending on the source of the scan and the architecture of the network between the scanner and the target. It is very possible to scan the same target from both the inside and the outside, and get two very different results.

~Jay

--
..
..  Jay Jacobson
..  Edgeos, Inc. - 480.961.5996 - http://www.edgeos.com
..
..  Private-Labeled Managed Vulnerability Assessment Services
..

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Effective Location For The Scan, DePriest, Jason R.
Next by Date:  Re: what happened to session saving and the files from which you can make nbe files, odl
Previous by Thread:  RE: Effective Location For The Scan, DePriest, Jason R.
Next by Thread:  RE: Effective Location For The Scan ---- What is the minimum requirement to insure scans are not distorted., -soundlux-
Indexes:  [Date] [Thread] [Top] [All Lists]