Network Security Pen-Test

Re: vulnerability scanners not effective? or just a false-positive?

Subject: Re: vulnerability scanners not effective? or just a false-positive?
Date: Fri, 31 Mar 2006 13:57:28 +0200
Craig,

You like to keep me on my toes, that's for sure.

> Pete stated: default banners ..."wouldn't be the threat, they would be
> the vulnerability if you're talking Risk"
>
> I would not even classify them as a vulnerability. They may form a part
> of an attack vector or a link in an attack tree, but not a
> vulnerability.

You're right. I got sloppy and should have said "on the vulnerability side" but didn't consider to remark on attack trees in my answer.

> Knowing the structure of the web site is not in itself a risk or
> vulnerability. It can comprise a branch in an attack tree, but can not
> facilitate an attack in itself.

Actually, it can facilitate an attack. Information does make an attack easier to propagate.

> In response to "Risk is relative to the organization not to you." This depends on the method used to determine risk. A "fluffy" qualitative risk analysis (there are better or worse qualitative techniques) based on opinion will fit this description. A detailed quantitative analysis using Stochastically defined models and a Bayesian likelihood analysis, maybe even integrating Bayesian linguistic techniques is fairly definitive no matter where you are.

Nothing fluffy. Nothing qualitative either. Risk is indeed always relative to the level of involvement and cost in taking the risk. You can have all the models in the world but risk is still a preference based on what one values.


Sincerely,
-pete.
