NMRC Report: Commercial Vulnerability Scanners

From: Simple Nomad (thegnomeat_private)
Date: Mon Oct 11 1999 - 07:43:00 PDT

Next message: Aleph One: "Microsoft Security Bulletin (MS99-042)"

Previous message: Todd Sabin: "Re: BUG: Win NT TCP/IP Security filters does not get enforced"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

NMRC has written a short report entitled:

"Crackers and Commercial Vulnerability Scanners"

                   or

"I'm a lame cracker and can't get BASS to compile, how
can I download a commercial vulnerability scanner and
start checking the entire Internet in 5 minutes?"

The top commercial vulnerability scanners have little to no security
surrounding their licensing, making them excellent script kiddie tools.
These scanners are actively being used by the underground against targets.
All that is required is a download of the demo version of a vulnerability
scanner from a commercial vendor, and a little bit of time. Our report is
available at http://www.nmrc.org/lab/scanners.txt which gives the details.

    Simple Nomad    //
 thegnomeat_private  //  ....no rest for the Wicca'd....
    www.nmrc.org    //

Next message: Aleph One: "Microsoft Security Bulletin (MS99-042)"
Previous message: Todd Sabin: "Re: BUG: Win NT TCP/IP Security filters does not get enforced"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:07:09 PDT