Salve,
the data is quite old by now, but you will find some stuff on the topic on my site: http://www.vulnerability-assessment.de/doku.php
--
Mit freundlichen Grüßen
Christoph Puppe
Security Consultant
We secure your business.(TM)
_______________________________________________________
HiSolutions AG Phone: +49 30 533289-0
Bouchéstrasse 12 Fax: +49 30 533289-99
D-12435 Berlin Internet: http://www.hisolutions.com
_______________________________________________________
Mindestinformationen im geschäftlichen E-Mail-Verkehr nach §37a HGB:
Sitz der Gesellschaft / registered office:
Berlin
Handelsregistereintrag / Commercial register:
Amtsgericht Berlin Charlottenburg - HRB 80155
Vorstand / Management Board:
Torsten Heinrich, Timo Kob, Michael Langhoff
Vorsitzender des Aufsichtsrates / Chairman of the supervisory board:
Prof. Dr. Klaus Müller
> -----Ursprüngliche Nachricht-----
> Von: listbounce_at_securityfocus.com [mailto:listbounce_at_securityfocus.com] Im
> Auftrag von Aseem Kumar
> Gesendet: Mittwoch, 9. Juli 2008 10:52
> An: pen-test_at_securityfocus.com
> Betreff: Re: How do VA scans work technically
>
> Hi,
>
> Thanks for all the gr8 replies.
>
> Showing of already remediated vulnerabilities was what i was concerned.
> So i always have to take the reports from these scans with a pinch of
> salt. They even might miss something.
>
> But what if i am running say a web server on a non-standard port and
> have really disabled all settings that might allow an outsider to get
> a banner or version number of underlying application then will the
> scanners still be able to do some heuristics and come out with nearly
> correct answers.
>
> Can someone point me to any link that will provide more insight into
> this process.
>
> Regards
> Aseem
>
> On Wed, Jul 9, 2008 at 11:07 AM, Killy <killfactory_at_gmail.com> wrote:
> > Nessus can ne configured to perform safe scans. It will still for blank
> > root, as and administrator passwords under that config.
> >
> > So, it depends on your definition of exploit :)
> >
> > Nessus can also be configured to prrerform brute force attacks using a
> hydra
> > plugin/module
> >
> > You also perform thorough tests/scans.
> >
> > I have feeling that you are wanting to if nessus and qualys operate like
> > metasploit, canvas or other exploit frameworks.
> >
> > I would say no. But nessusbis very flexible and you can customize It and
> > create your own plugin to do just about anything.
> >
> > There is plenty of documentation and help online.
> >
> > Sent from my iPod
> >
> > On Jul 8, 2008, at 4:02 PM, "Aseem Kumar" <kumaraseem_at_gmail.com> wrote:
> >
> >> Hey,
> >>
> >> Can someone tell me (any weblink , any ebook, or direct answers) as to
> >> how the VA scans like those of Qualys or Nessus work?
> >>
> >> How do they find the vulnerabilities of a system without ever
> exploiting
> >> it?
> >>
> >> Regards
> >> Aseem
> >>
> >> -----------------------------------------------------------------------
> -
> >> This list is sponsored by: Cenzic
> >>
> >> Top 5 Common Mistakes in
> >> Securing Web Applications
> >> Get 45 Min Video and PPT Slides
> >>
> >> www.cenzic.com/landing/securityfocus/hackinar
> >> -----------------------------------------------------------------------
> -
> >>
> >
>
>
>
> --
> Love enables you to put your deepest feelings and fears in the palm of
> your partner's hand, knowing they will be handled with care.
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Top 5 Common Mistakes in
> Securing Web Applications
> Get 45 Min Video and PPT Slides
>
> www.cenzic.com/landing/securityfocus/hackinar
> ------------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
Received on Jul 10 2008
Intro
