Opinions on GFI LANguard

[j2mccluggage at adelphia.net (Jody & Jennifer McCluggage)]

Hello Adrian,

 

We use Languard NSS.  Although I think it is a very good tool it does have a
tendency to return some false positives - like many tools - (particularly
around open ports)  and seems a tad bit sensitive on reporting vulnerability
level (if you did not know what you where doing you may think your machine
is highly vulnerable when it may not be).  I too have seen it report some
open ports that were not really open and report ports that belonged to
legitimate services as possibly being a Trojan. 

 

Again, I think it is a very good tool (it can also assist in patch
management and network and software auditing) as long as you follow-up on
its reporting.  This is just another example of why you cannot rely on tools
alone to secure your network. 

 

Jody 

 

  _____  

From: pauldotcom-bounces at mail.pauldotcom.com
[mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Adrian Crenshaw
Sent: Friday, May 15, 2009 10:02 PM
To: PaulDotCom Security Weekly Mailing List
Subject: [Pauldotcom] Opinions on GFI LANguard

 

I've been playing with GFI LANguard. I did a scan of one of my boxes, and it
say I have something like 19 different "Open ports commonly used by
Trojans". I did an "nmap -p 0-65535" and did not find and of the ports open
that LANGuard reported. I plan to do an AV sweap next, but does anyone have
any experiance with LANGuard? Is it prone to false positives?

Thanks,
Adrian  

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.325 / Virus Database: 270.12.30/2115 - Release Date: 05/15/09
17:55:00

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090515/0819d84a/attachment.htm