[unisog] Automated vulnerability tests upon host to network attachment

marchany at vt.edu marchany at vt.edu
Fri May 16 12:55:05 GMT 2003


>However, a great deal of good could be accomplished by a few simple checks 
for >the most common problems. For example,
>1) Does the NT/2k/xp Administrator account have a strong password.
>2) Is port 80 open and is it susceptible to unicode traversal.

Yep, those are great checks. In fact, I would use a scanner that checks for 
the SANS/FBI Top 20 Internet threats doc. That has the most common 
vulnerabilities and the 2 that Gary mentioned above are included in that list.

The "solution" kit is the key to getting user buy-in AND protecting your net.

	-r.



More information about the unisog mailing list