Re: Vulnerability assessment for small business

From: Ivan . (ivanhec@gmail.com)
Date: Thu Sep 29 2005 - 23:47:04 EDT


Hit the joint with GFI LANguard Network Security Scanner (N.S.S.)

http://www.gfi.com/languard/

cheers
Ivan

On 9/28/05, Billy Dodson <billy@pmicromart.com> wrote:
>
>
> When doing a vuln assessment for a small business (25 PC's, no server)
> which is using a peer-to-peer windows network, how do you approach this?
> Say the customer has a firewall...but they don't host any services. All
> of the PC's have local usernames and passwords that vary from machine to
> machine. There is no one single administrator account across the board,
> and you have little time. So you cant run many automated tools to check
> patch levels and what not because you cant get remote access to the
> registry. There are no services to be tested from the outside. Do you
> manually go to each machine and test them individually? Of course you
> can run null scans on the LAN, but that is not going to provide the
> depth you need. Any ideas and pointers would be great.
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:01 EDT