On Wed, 30 May 2001 railwayclubposseat_private wrote: [SNIP] > his pen test posted on Security Focuses' Pen-Test mailing list brings up > the question of the testing of protocols as to the OSSTMM > (http://www.osstmm.org) and the reliability of NMAP's protocol scanning. > As > I apply the module "Port Scanning" the tasks for protocol identification > are > a bit difficult to automate. Of course, NMAP claims to do it but I > consistantly get at least IGMP for most systems which I do have difficulty > with accepting. I use NMAP for many of the tasks in that section but hav > been hesitant on the protocol testing. Of course a bit of scripting will > automate some but while I was a bit hesitant about NMAP's results I thought > I would ask what others thought of this. > Agreed, and yet, we should perhaps be wary of relying upon a single tool or even two for determining the results of port scanning and vulnerability scans. Rather a number of tools should be used, as some of the weaknesses of single tools are better interpreted with an eye upon consistency of findings amongst the tools used. Thanks, Ron DuFresne -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior consultant: darkstar.sysinfo.com http://darkstar.sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too!
This archive was generated by hypermail 2b30 : Thu May 31 2001 - 17:49:54 PDT