Re: OT: vulnerability scanner

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thank you, I have looked at Nessus however from what I can tell it does not do vulnerability scanning like tara, for instance: checking permissions on .rhosts files, looking for world writable system directories ....

I was trying Nessus this morning and it would not compile on FC3, I get error

$ make
cd nessus && make
make[1]: Entering directory `/tmp/nessus-core/nessus'
gcc -g -O2  `sh ./cflags`        -c xstuff.c
xstuff.c:32:21: gtk/gtk.h: No such file or directory
In file included from xstuff.c:35:
.
.
.


I am trying to work through that though.

Thank you again,
  Jamie Bohr

On 8/10/05, Rick Stevens <rstevens@xxxxxxxxxxxxxxx> wrote:
Scot L. Harris wrote:
> On Wed, 2005-08-10 at 14:41, Jamie Bohr wrote:
>
>>I know this is off topic but ...
>>
>>I am looking to a vulnerability scanner for UNIX.  Currently we (the
>>company I work for) are using TARA and have come to the conclusion
>>that either we need to switch to something else or give TARA a major
>>overhaul.  Before we went down updating TARA I thought I would see
>>what else was out there that could be a direct TARA replacement and
>>possibly have more features, central reporting be one of them.
>>
>>Thank you for you time,
>>   Jamie Bohr
>
>
> Are you looking for something like nessus?  You can get some fairly
> comprehensive web based reports from nessus for the systems on your
> network.

Yes, nessus is good, but beware of false positives from nessus.  It may
report that you have package foobar-X.Y which has a certain
vulnerability, when in fact you have foobar-X.Y-xx.yy where that has
been fixed.  Nessus doesn't necessarily know about fixes in incremental
releases.  It looks at the signon message or behaviour of the program
and bases its recommendations on that.  Just wanted you to be aware of
that.

You can also use nmap to portscan your systems and see which ports a
given machine is listening on.  We also use portsentry and snort to
watch things go bump on the network, as well as firewalling the kapok
out of things.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens@xxxxxxxxxxxxxxx -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-   Never test for an error condition you don't know how to handle.  -
----------------------------------------------------------------------

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux