-
October 24th, 2004, 03:04 PM
#1
How secure is your box?
I have found this website and I think it is awesome it has alot of different vulnerability scanners that better help gauge what needs to be looked at to secure the box.
It is the Gibson Reaserch Corporation -
http://www.grc.com/default.htm
- MilitantEidolon
Yeah thats right........I said It!
Ultimately everyone will have their own opinion--this is mine.
-
October 24th, 2004, 04:33 PM
#2
MilitantEidolon
Yo, You got some great enthusiasm going their! Hopefully it catching.
I don't want to dissuade you from using his site, but I believe he puts out a whole lot of fluff. I have visited his site since it's early years and IMHO, progressively I have seen quite the salesman working his trade. I haven't read any of his recent articles however when I have in the past, I had issues with boastfulness and what appears to be a self-proclaiming expertise. He can provide you some tools etc., and can show you which ports are open, but after that, I would question the usefulness of the information and not be soley reliant upon his information. I guess I just don't want someone leaving his site with a false sense of security and the impression that all is well.
There are a couple of other sites that provided scans as well, here's the sygate one.
http://scan.sygate.com/
Additionally, you can complete your own scans using nmap for linux and it is ported for windows as well. And of course there are other scanners out there. However, by doing it yourself it's an opportunity to learn and not be blinded by the carnival lites and hullabaloo.
http://www.insecure.org/nmap/nmap_download.html
Kudos for the thought though.
cheers
Connection refused, try again later.
-
October 24th, 2004, 05:39 PM
#3
Search Button! Search Button!
-
October 24th, 2004, 06:12 PM
#4
I don't want to dissuade you from using his site, but I believe he puts out a whole lot of fluff. I have visited his site since it's early years and IMHO, progressively I have seen quite the salesman working his trade
I have to agree with Relyt's opinion of Steve Gibson. I do feel that he genuinely wishes to educate people whilst at the same time advertising a product of his. Also, he fixates on fringe issues with a hectoring, almost proselytizing zeal. It's unfortunate because I believe his site does contain some excellent inductory resources for newbies on TCI/IP (3 way handshake), as well as his anatomy of an attack when GRC was hit with a DDoS and a RDDoS by a 13 year old script kiddie. In other words, I actually learnt a little.
Unlike Happyhackers site, which mercifully has finally ended. Talk about misinformation and a schizophrenic attitude! I was suckered into that site and put my brain on neutral because I didn't bother to question the validity of the site until I had wasted plenty of time on it. Caroline would use almost script kiddie language to describe 'tutorials', which largely glossed over the subject at hand and didn't provide any education value until you read through to the end and was encouraged to find out more by purchasing the book. Like GRC, self-advertisment but without any educational nutrition whatsoever.
Your mileage may vary however.
Regards,
Riotgirl
\"Don\'t worry. I don\'t have low self-esteem. It\'s a mistake. I have low esteem for everyone else\".
-
October 24th, 2004, 07:43 PM
#5
Originally posted here by Riotgirl
I have to agree with Relyt's opinion of Steve Gibson.
How about everyone on AO team together and Haxx0r The Gibson?
According to the movie a 3 letter password is a loud on a Mainframe, and it's as easy as dialing in. Hell, a Laptop hooked into a payphone can boot up wth a Network connection too it!
-
October 25th, 2004, 03:03 AM
#6
To reiterate:
Originally posted here by SDK
Search Button! Search Button!
Chris Shepherd
The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
\"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
Is your whole family retarded, or did they just catch it from you?
-
October 25th, 2004, 03:52 AM
#7
Thanks for the insite on this guy. I will continue you using a few of his scanners because I do like them. However, I never limit myself to one opinion.
If I am diagnosed with *cancer I get two doctors opinions and in the same way when I am using a vulnerability scanner I use a few different tools.
I do the same with antivirus software. I will have an all time antivirus proggy and once in awhile I will double check on
http://housecall.trendmicro.com/hous...start_corp.asp
But thanks for the information!
* I am in no way saying getting cancer is equal to having a vulnerable port. However, if you look at it this way... However is you say People : Cancer :: Computer : Virus you may have something there.
- MilitantEidolon
Yeah thats right........I said It!
Ultimately everyone will have their own opinion--this is mine.
-
October 25th, 2004, 03:23 PM
#8
People : Cancer :: Computer : Virus
More like
People : HIV :: Computer : Virus
Also, you might want to get Shrekkie's nmap scan URL off him. Just PM him. That's probably a more thorough scan than GRC's.
Cheers,
cgkanchi
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|