Geeks With Blogs
Drewby Made from 60% post-consumer recycled fiber.

I used to work exclusively with infrastructure and security, and this session made me long for a good old-fashioned infrastructure project. There's a totally different state of mind when you are managing the network and server environments in which applications run, rather than building the applications themselves. No doubt, infrastructure is where the rubber meets the road. Without security, your application doesn't have a prayer of running, let alone running with any stability.

This session went over vulnerability scanners, somewhat of a controversial subject. Scanners are one of those tools used by both whitehat and blackhat hackers: those working for your security and those working against it.

The presentation did a great job of describing what a vulnerability scanner is and how to pick out the right tools. Three points stood out to me:

1. Know your scanner's database source - it's important to trust the information your scanner is using. Getting a false sense of security because of an incomplete vulnerability database is dangerous.

2. Vulnerability scanners are loud, and they should be - when we're scanning a network, we want administrators to notice. If they don't notice our vulnerability scanner, they will certainly never notice a hacker.

3. Vulnerability scanners have vulnerabilities too - many scanners require root access. A server being scanned can be configured to respond to the scanner in a way that exploits it and potentially runs code on the scanner machine. Look for scanners that don't require root access to run, or that only use those privileges when required.

Great presentation that was a refreshing break from development. It was also nice seeing Ben Smith, one of the speakers, whom I worked with years ago.

Posted on Tuesday, May 25, 2004 2:40 PM

Copyright © Drew Robbins | Powered by: GeeksWithBlogs.net