Bugtraq mailing list archives

Re: ISS Internet Scanner Cannot be relied upon for conclusive


From: briank () conxion net (Brian Koref)
Date: Thu, 11 Feb 1999 19:07:52 -0800


Network and System security IS NOT a point solution.  ISS
scanner is just one tool. I know I'll never fully secure any one
system, let alone entire disparate enterprises comprised of
multitudes of various modern and legacy OS/hardware/software,
rogue programs, etc...To keep up with patches, security bugs,
poorly written C, CGI and perl scripts, rogue java applets is
frustrating and a full time job...

I know this isn't quite the forum for the above comment, but I do
want to mention a thought regarding banners.  I know of some
sysadmins, who change the banners for sendmail, ftp, telnet, imap,
etc...to "disguise" services.  I'm a little concerned about false
negatives, if scanner uses the "assumption" model for some of its
scanning methodology.  If the tool behaves in that fashion, then it
should be noted in the report...BK


