RE: Know such a web's server tool? -- huh

From: Paul Vet (paul.vetat_private)
Date: Tue Jul 22 2003 - 09:37:19 PDT


    > > okay.... i'll bite ...  why does everybody/somebody think that "pen-test"
    > > means to run a port scan w/ nmap/nessus .. etc ..
    >
    > Exactly this is the reason why penetration testing isn't only running
    > nmap/nessus/iss/whatever, but, more importantly, interpretation of the
    > results and the additional steps taken.
    >
    > Everyone can run tools, but only people who understand things can interpret
    > their results and find additional possible or existing security problems.
    
    
    Agreed.  However, anybody can just run the tools and say "oh crap, I'm
    terribly vulnerable" and maybe, just maybe, they'll go to Windows Update and
    we'll have one less machine spreading the next big worm.
    
    To go back in time a little, the original poster asked for a tool to
    enumerate hosts, scan them for vulnerabilities, and attempt to exploit them.
    I think we're all aware that that does not make a full pen-test, but it
    could have many uses.  It could be that he's just become aware of security
    issues and wants to do a quick test of his LAN.  Perhaps he's a black-hat
    trying to expand his bot-net.  Who knows?
    
    I do think that it's important that we not just dismiss Nessus with "that's
    not a real pen-test."  It's true, it isn't a full pen-test, but it doesn't
    claim to be.  What it does do is give the end user a bit of a chance.  Most
    people can't afford to either a) learn how to do a complete pen-test, or b)
    hire a team.  Tools like Nessus are the first step in getting joe-user to
    secure his box.
    
    
    Paul.
    
    
    This archive was generated by hypermail 2b30 : Tue Jul 22 2003 - 13:23:07 PDT