Subject: [Dshield] Outsourced Vulnerability scanning?

mmcgillis mmcgillis at
Fri Mar 1 14:32:33 GMT 2002

My guess is that they are charging to set up and monitor a snort box. 

On Thu, 28 Feb 2002, David Sentelle wrote:

> I know a friend who's network is being monitored by SecureWorks.  Info on them is available at 
> >From what I understand they email you daily with totals on the types of attacks and probes they've deterred.  The sample I saw seemed to be focusing on CodeRed and Nimda, but also reported some Queso, Syn/Fin, and Wingate probes.  They put a 1U rackmountable (cobalt?) UNIX box of some type between your router and the protected network.  This computer can operate in monitoring or blocking mode, depending on what you request of them.  
> I am not sure what their services cost, but seem to remember wondering where they were going to make money handing out that equipment and (presumably) assuming liability.
> My friend did say that his firewall sitting behind their box still rejects lotsa of packets, which makes me wonder what that box is doing, anyhow.
> --__--__--
> Message: 2
> From: "MM" <mmhome at>
> To: <list at>
> Date: Wed, 27 Feb 2002 14:31:15 -0600
> Organization: SSI
> Subject: [Dshield] Outsourced Vulnerability scanning?
> Reply-To: list at 
> Does anyone know of a good IT auditing firm that focuses on monthly
> vulnerability scanning? My company needs a third-party to outsource this
> security service to for legal liability purposes. We have looked into @Stake
> and larger players, but they charge an exorbitant amount of money for little
> work. We have looked at smaller players like and like
> their low cost subscription service, but what I really wanted to know is
> does anyone have any suggestions to picking a security vendor that does this
> kind of work and what I should watch out for?
> Kevin
> This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to which they are addressed. If you have received this e-mail in error, please notify admin at and delete it from your system.
> _______________________________________________
> Dshield mailing list
> Dshield at
> To change your subscription options (or unsubscribe), see:

More information about the list mailing list