Re: scan.sygate.com. over-scanning?

From: H D Moore (sflistat_private)
Date: Fri Jul 25 2003 - 14:44:21 PDT

Next message: morning_wood: "[Full-Disclosure] Resolved - IRCX Pro"

Previous message: Kent Borg: "Re: ssh host key generation in Red Hat Linux"
In reply to: Stephen Samuel: "scan.sygate.com. over-scanning?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I requested a scan from them over a year ago. They ran a complete 
vulnerability scan about five minutes after the port scan, followed by a 
*second* vulnerability scan almost six hours later. Following the second 
scan, there appeared to be some manual attempts by someone on their staff 
to verify certain (fake) vulnerabilities found. The whole process was 
bordering criminal, glad to see someone else noticed it...

-HD

On Friday 25 July 2003 03:29 pm, Stephen Samuel wrote:
> On a lark, I went to the sygate site, and asked them to do a
> port scan.  From all I can see on the site, they seem to ONLY
> claim to do a port scan, but a while later, I got a note from
> my system about them doing a good bit more than just scanning
> for an open port 80.

Next message: morning_wood: "[Full-Disclosure] Resolved - IRCX Pro"
Previous message: Kent Borg: "Re: ssh host key generation in Red Hat Linux"
In reply to: Stephen Samuel: "scan.sygate.com. over-scanning?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jul 25 2003 - 15:30:45 PDT