Subject: [Dshield] Outsourced Vulnerability scanning?

Tony Carothers tony.carothers at
Fri Mar 1 15:11:32 GMT 2002  does this kind of thing now.  VERY sharp group.

-----Original Message-----
From: mmcgillis [mailto:mmcgillis at]
Sent: Friday, March 01, 2002 6:33 AM
To: list at
Cc: mmhome at
Subject: Re: Subject: [Dshield] Outsourced Vulnerability scanning?

My guess is that they are charging to set up and monitor a snort box. 

On Thu, 28 Feb 2002, David Sentelle wrote:

> I know a friend who's network is being monitored by SecureWorks.  Info on
them is available at 
> >From what I understand they email you daily with totals on the types of
attacks and probes they've deterred.  The sample I saw seemed to be focusing
on CodeRed and Nimda, but also reported some Queso, Syn/Fin, and Wingate
probes.  They put a 1U rackmountable (cobalt?) UNIX box of some type between
your router and the protected network.  This computer can operate in
monitoring or blocking mode, depending on what you request of them.  
> I am not sure what their services cost, but seem to remember wondering
where they were going to make money handing out that equipment and
(presumably) assuming liability.
> My friend did say that his firewall sitting behind their box still rejects
lotsa of packets, which makes me wonder what that box is doing, anyhow.
> --__--__--
> Message: 2
> From: "MM" <mmhome at>
> To: <list at>
> Date: Wed, 27 Feb 2002 14:31:15 -0600
> Organization: SSI
> Subject: [Dshield] Outsourced Vulnerability scanning?
> Reply-To: list at 
> Does anyone know of a good IT auditing firm that focuses on monthly
> vulnerability scanning? My company needs a third-party to outsource this
> security service to for legal liability purposes. We have looked into
> and larger players, but they charge an exorbitant amount of money for
> work. We have looked at smaller players like and
> their low cost subscription service, but what I really wanted to know is
> does anyone have any suggestions to picking a security vendor that does
> kind of work and what I should watch out for?
> Kevin
> This e-mail and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to which they are
addressed. If you have received this e-mail in error, please notify
admin at and delete it from your system.
> _______________________________________________
> Dshield mailing list
> Dshield at
> To change your subscription options (or unsubscribe), see:

Dshield mailing list
Dshield at
To change your subscription options (or unsubscribe), see:

More information about the list mailing list