[wplug] Any Suggestion for DSL Service for Linux?
Robert Dale
rdale at wplug.org
Tue Jan 16 11:20:27 EST 2001
On Tue, 16 Jan 2001 jmh3 at linuxfreak.com wrote:
> On Tue, 16 Jan 2001, Robert Dale wrote:
>
> > I would not recommend SAINT. It is inaccurate and obscure.
> > If you just want to see what services are running, try nmap -
> > http://www.insecure.org/nmap/
> > If you want to do a vulnerability check, try nessus - http://www.nessus.org/
>
> when i ran it, it showed the same information as nmap. it also had with it
> a information on various security issues and which os's they applied to.
> i didn't find it to be that obscure. it ran from a webbrowser with a java
> interface. the security descriptions were straight out of bug
> track/security focus. i'm not a security guru by any means, but i thought
> it was very informative.
For every service it lists _possible_ vulnerabilities. This is nearly
meaningless. And for anyone who doesn't have much time, it's completely
useless.
There is too much hype about SAINT. I was happy when I read this
article - http://www.nwc.com/1201/1201f1b1.html. Finally someone
agreed with me that SAINT basically sucks and Nessus rules.
In any case, if you're just interested in what ports are open, then nmap
does the job efficiently. It probably doesn't make much difference to
people scanning only one machine, but multiple that by 50 and there's a
world of difference.
--
Robert Dale
More information about the wplug
mailing list