-
April 25th, 2005, 07:40 PM
#1
Member
Project: Linux Security Auditing Tool?
Ola:
Has anyone worked with this tool:
Project: Linux Security Auditing Tool:
http://sourceforge.net/projects/usat/
It looks interesting, and we were going to test it out in our lab, but itappears not to have any developer activity on it, and it is still in beta. Any thoughts on this?
Gracias.
-
April 27th, 2005, 01:43 PM
#2
If you are looking for security auditing, check out Nessus.
http://www.nessus.org
They have official releases, and it is probably similair to what you are looking to test.
kr5kernel
(kr5kernel at hotmail dot com)
Linux: Making Penguins Cool Since 1994.
-
May 11th, 2005, 04:53 PM
#3
Member
Ola:
Thanks for the reply back. We have NESSUS and ISS, but I wanted a third tool (perhaps that is inefficient) to counter any false positives or false negatives found with NESSUS and ISS. I was looking into Typhon III earlier (http://www.antionline.com/showthread...hreadid=267970) but that porridge was too hot. For now, I will stick with ISS and NESSUS and probably join their mailists, if they have them to combat the false positives/negatives. And the reason that is a sticking point for us, is that I don't want the admins chasing wild geese if at all possible, when it comes to vulnerabilities.
Gracias.
-
May 11th, 2005, 05:11 PM
#4
The horse had a good thread not to far back about picking software you feel comfortable with, and then learning the hell out of it. With so many choices its often hard to stick to one.
kr5kernel
(kr5kernel at hotmail dot com)
Linux: Making Penguins Cool Since 1994.
-
May 11th, 2005, 08:46 PM
#5
Nessus isn't a security auditor, it's a network scanner.
The Titan Security Toolkit ( http://www.fish.com/titan/ ) is decent, typically revs come out for Solaris first and then Linux and BSD modules come out.
I'd avoid non-production level security tools, especially those with no developer activity.
cheers,
catch
-
May 12th, 2005, 04:41 AM
#6
Originally posted here by catch
Nessus isn't a security auditor, it's a network scanner.
I agree but would change to network device or host vulnerability scanner.
And a darn good one to boot for the price.
thwhomp:
Are you looking to harden existing Linux installs?
-
May 12th, 2005, 08:46 AM
#7
I agree but would change to network device or host vulnerability scanner.
Oh, perhaps... I've not used it in awhile. They must have finally added the ability to effectively scan multi-level hubs, transparent proxies, and passive NIDSes. Or maybe they've only added the ability to scan for insecure libraries or rights propigation paths.
Good to see they've continued progress so substantially.
cheers,
catch
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|