[12207] in bugtraq
NMRC Report: Commercial Vulnerability Scanners
daemon@ATHENA.MIT.EDU (Simple Nomad)
Tue Oct 12 02:14:25 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.BSF.4.10.9910110941430.4244-100000@shell.fastlane.net>
Date: Mon, 11 Oct 1999 09:43:00 -0500
Reply-To: Simple Nomad <thegnome@NMRC.ORG>
From: Simple Nomad <thegnome@NMRC.ORG>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
NMRC has written a short report entitled:
"Crackers and Commercial Vulnerability Scanners"
or
"I'm a lame cracker and can't get BASS to compile, how
can I download a commercial vulnerability scanner and
start checking the entire Internet in 5 minutes?"
The top commercial vulnerability scanners have little to no security
surrounding their licensing, making them excellent script kiddie tools.
These scanners are actively being used by the underground against targets.
All that is required is a download of the demo version of a vulnerability
scanner from a commercial vendor, and a little bit of time. Our report is
available at http://www.nmrc.org/lab/scanners.txt which gives the details.
Simple Nomad //
thegnome@nmrc.org // ....no rest for the Wicca'd....
www.nmrc.org //
