Results 1 to 4 of 4

Thread: Best practices for host assessment

  1. #1
    Junior Member
    Join Date
    Feb 2004
    Posts
    7

    Best practices for host assessment

    Hi,

    Could you share some experience how to perform host assessment. From what I know, it’s not much different from network assessment cause we also can do it remotely. (correct me if I’m wrong).. the same tools as VA, just put the credential (username and password)

    Tools = same as network assessment, vulnerability scanner such as Lan Guard, Nessus, Shadow Security Scanner etc2

    Different – for host assessment, just put credential

    What do you think…or should I run this tools locally… mean I have to install it on each server I want to audit

  2. #2
    Senior Member
    Join Date
    Dec 2007
    Posts
    132
    It depends on how you're contracted/tasked/(wanting to do it on your own?). Whether you're dong an individual host assement or an entire subnet, it's up to the person you're doing it for to specify if they want it done remotely, locally, with or without admin credentials, etc. Nessus has the option to poke around with credentials but there's really no standard "this-is-what-you-must-use" tool, it's up to your toolbox. Yes, the tools are similar and in many cases the same, but if there were no detailed requirements of what you can/can't use, then it all depends on how you want to do it. If your doing it locally you may want to use a tool that specializes in local scans. I use a proprietary disk so I really can't offer a suggestion but I'm sure there are some other ones there. But, again, Nessus and your regular toolkit will probably be good enough.

  3. #3
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    I think you should do the scans remotely and without credentials. That is how an attack would be carried out in the real world. As far as software there are lots of things that you can use, you seem to have a nice list there but you might want to check out eeye.com too and look at retina i think it is called.

  4. #4
    Senior Member
    Join Date
    Dec 2007
    Posts
    132
    scans shouldn't be limited unless that's what the customer wants. if you're doing it for yourself then you definately want to do a local scan with credentials. it gives you a real good insite into things you may have overlooked when hardening your system. and if an attacker gained access to the machine, they'd figure out everything you missed by not doing one...

Similar Threads

  1. securing applications: risk assessment?
    By Guan-Di in forum Newbie Security Questions
    Replies: 9
    Last Post: April 16th, 2006, 04:44 PM
  2. Industry Best Practices: Information/Links?
    By KuiXing-2005 in forum Newbie Security Questions
    Replies: 3
    Last Post: March 2nd, 2005, 06:55 PM
  3. Ethical Hacker Certification
    By apollovega in forum Newbie Security Questions
    Replies: 41
    Last Post: July 29th, 2004, 04:21 AM
  4. Common *nix Security Practice's
    By Spyder32 in forum *nix Security Discussions
    Replies: 27
    Last Post: June 20th, 2004, 10:25 AM
  5. Good Password: Common Practices
    By jdenny in forum The Security Tutorials Forum
    Replies: 7
    Last Post: August 30th, 2002, 04:34 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •