RE: Why eEye Retina (was MBSA scanner)

From: Bojan Zdrnja (Bojan.Zdrnja@LSS.hr)
Date: Wed Apr 21 2004 - 20:48:34 EDT


 

> -----Original Message-----
> From: Steve [mailto:zen6696@zen.co.uk]
> Sent: Thursday, 22 April 2004 6:27 a.m.
> To: pen-test@securityfocus.com
> Subject: RE: Why eEye Retina (was MBSA scanner)
>
> I have had a similar experience with Retina. If you have authenticated
> to the target system then you do get a different set of results than if
> you have not authenticated. I have never used their tech support so I

Well, that is quite logical and expected, isn't it?
If you have domain administrator (or other) privileges on the remote
machine, it's obvious that you will be able to check additional things.
Almost every scanner will behave like that.

Also, be cautious as this might give you false positives, meaning that you
might detect things that are not exploitable without first gaining
administrator privileges, after which everything falls down anyway.

Bojan Zdrnja
CISSP
