Security Basics mailing list archives

Re: Need Some Basic Information

From: Shane Anglin <shane.anglin () gmail com>
Date: Tue, 20 Dec 2011 18:55:23 -0500

And the great thing with Tenable Security Center is you can choose from a set of credentials to scan with without 
having to know the passwords... Assuming you have the admins key in their secret admin level passwords ahead of time. 
And Tenable can set who can use high credentials... Lots of granularity.

Regards,
Shane Anglin



On Dec 20, 2011, at 5:35 PM, Todd Haverkos <infosec () haverkos com> wrote:

Thugzclub Thugzclub <thugzclub () googlemail com> writes:

We have a UNIX estate, does this credentialed scan work on them as
well ?


Yes.   And you'll find that for scanning Unix boxes, there are some
features that Tenable's wares have that one of their rather aggressive
competitors lacks (sudo / su and sudo+su) lacks.   This came to light
during a shootout I did.   So whatever vendors you look at, be sure to
look carefully at the authentication options supported for unix
scanning. 

The only host-based vendors I was aware of that could do anything on
unix were bigfix and landesk, and with neither being security
companies, the coverage is ... not really what an infosec group wants
to know.


--
Todd Haverkos, LPT MsCompE
http://haverkos.com/

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

Need Some Basic Information shivaone (Dec 19)
- Re: Need Some Basic Information Jose Fuertes (Dec 19)
- RE: Need Some Basic Information William Baltas (Dec 19)
- Re: Need Some Basic Information Fábio Soto (Dec 19)
  - Re: Need Some Basic Information Todd Haverkos (Dec 19)
    - Re: Need Some Basic Information Fábio Soto (Dec 20)
    - Re: Need Some Basic Information Thugzclub Thugzclub (Dec 20)
    - Re: Need Some Basic Information Shane Anglin (Dec 20)
    - Re: Need Some Basic Information Thugzclub Thugzclub (Dec 20)
    - Re: Need Some Basic Information Todd Haverkos (Dec 20)
    - Re: Need Some Basic Information Shane Anglin (Dec 20)
    - Re: Need Some Basic Information Jeffrey Walton (Dec 20)
    - Re: Need Some Basic Information Todd Haverkos (Dec 20)
- Re: Need Some Basic Information Steve Armstrong (Dec 20)