Re: Vulnerability and Penetration Testing?
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

Re: Vulnerability and Penetration Testing?

From: John Mason Jr <notvalid@cox.net.invalid>
Date: Fri Mar 31 2006 - 00:04:08 CEST



Ross M. Greenberg wrote:


>> Snort is a NIDS, not a penetration tester. So far Nessus is pretty


>> useful, but manual testings with hping(|2|3) are recommended for


>> firewall tests.


> 


> I'm looking for an automated penetration tester: push a button and find out 


> if a firewall is any good or not -- that kind of thing. hping is too 


> subjective, both in choosing the tests and interpreting them.


> 


> 



If you want to scan machines on your class c for vulnerabilities try 


<http://www.tenablesecurity.com/products/newt.shtml>



If you want to look for open ports and services



<http://www.insecure.org/nmap/download.html>



If you want to try and use exploits



<http://www.metasploit.com>



If you want automated pen testing



<http://www.coresecurity.com/products/coreimpact/index.php>


Received on Mon May  1 01:03:33 2006