From: Funk Jr, Joseph C. (jcfunkjr@co.bucks.pa.us)
Date: Wed Nov 26 2003 - 11:44:22 EST
Reasoning behind my comment was the idea this list is intended more for security professionals and less for end users. Though nonetheless I agree on all your points. No disrepect intended, apologies if any taken.
I was aware of the site, found it at least as 'usefull' as I would to myself as I would any other self scan site, however I do see the benefit for the end user who has less working knowledge.
-----Original Message-----
From: Rogie AkHeim [mailto:rogie@iname.com]
Sent: Tuesday, November 25, 2003 7:11 PM
To: pen-test@securityfocus.com
Subject: An excellent online pen-test tool
An excellent online tool is one that is fast, free, unrestricted and is not trying to constantly sell you something. AuditMyPC.com meets those guidelines.
I agree that there is no substitute for understanding what processes own TCP and UDP endpoints. For most users, a drop to DOS and interpreting the results of netstat's output is not such a simple task. (use TCPView for this)
This site offers a host of other tests and security related material that the average user would otherwise find difficult to obtain.
The fact is, most users disregard what is running on the OS and rely upon a firewall to block the open ports. For these users, a remote scan can yield very useful results.
As for social engineering, a site could pose as a legitimate vulnerability assessment service, but they wouldn't last more than a few months.
---------------------------------------------------------------------------
----------------------------------------------------------------------------
---------------------------------------------------------------------------
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:42 EDT