[unisog] Automated vulnerability tests upon host to network attachment

Elliot Metsger emetsger at jhu.edu
Fri May 16 13:58:36 GMT 2003



On Thu, 15 May 2003, Gary Flynn wrote:

>
>
> Elliot Metsger wrote:
> >
> > And what would be the purpose of the scanning?  Would it just be for your knowledge (i.e. you throw the scan
> > results in a database) or would you allow/deny access based on what ports were open?  Seems like you would ruffle
> > the feathers of network users for not a lot of gain :)
>
> Ideally, to deny access if severe vulnerabilities are
> present. Since we immediately restrict network access
> of any IIS machine discovered to be infected with
> Code Red or Nimda, why not do it fifteen minutes
> earlier before they connect to the network if the
> scanner tells us they're susceptible.

I understand that ... I guess as long as the support is there for the user when they come to the help desk
wondering why they can't get onto the network ...

Elliot



