[Dailydave] Drinking the Cool-aid
Eggensperger, Roy E
Roy.Eggensperger at VerizonWireless.com
Mon Mar 3 11:47:23 EST 2014
> Authenticated scanners are a bad practice (imho)
Can you expand on this a bit more? I would be interested to hear your opinion as to why you say this. I think using authenticated scanners is an excellent way to identify:
1. Computers missed by the patch management process.
2. Effectiveness of patch management process. I've seen patch products report to the console that a host is patched; however, the scan proved that a given patch failed to apply.
3. Client software not managed and patched by IT (i.e., iTunes)
4. Mis configurations (i.e., Autorun, no SEHOP, no DEP, etc.).
Joe Gatt
@gattjoe
**********Lots and Lots of OS Updates and vulnerabilities that cant be seen from outside the box, is the risk of flinging around usernames and passwords on the network higher than the risk of not being aware of a vulnerability?
I dunno.....I lean towards no personally
________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20140303/a5db2784/attachment.html>
More information about the Dailydave
mailing list