Network and System security IS NOT a point solution. ISS scanner is just one tool. I know I'll never fully secure any one system, let alone entire disparate enterprises comprised of multitues of various modern and legacy OS/hardware/software, rogue programs, etc...To keep up with with patches, security bugs, poorly written C, CGI and perl scripts, rogue java applets is frustrating and a full time job... I know this isn't quite the forum for the above comment, but I do want to mention a thought regarding banners. I know of some sysadmins, who change the banners for sendmail, ftp, telnet, imap, etc...to "disguise" services. I'm a little concerned about false negatives, if scanner uses the "assumption" model for some of it's scanning methodology. If the tool behaves in that fashion, then it should be noted in the report...BK
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:33:56 PDT