#30DaysOfSecurityTesting – Task IV

vulnerability

All previous posts in this series: I, II, X, XXX

Task: Learn anything about Vulnerability Scanning

I looked for the answer in “How To Break Web Software” – book, which I chose in task II. In the index, the only page selected for “vulnerabilities, searching for” is page 107. You can see it in the image above.

It was not enough for me. So I checked the source, which, as I learned from my son, has many answers:

Than I found the list of vulnerability scanners. The experts will LOL about my comparison of Nessus and Nmap, but that is what works for me:

  • Nmap is free, the website from 90’s and tool is difficult to configure.
  • Price of Nessus single user licence is “$2,190 USD/year” (funny that they use both: $ and USD for the price), modern website and the tool seems to be very user-friendly (according to demonstration above).

I consider to download Nessus and scan my home network. Curious what it will say about my internet radio. Download starts with filling out the form, even if you want try-out for single user licence you have to select your job position. In the list you will find all kind of people, except software testers.

screen-shot-2017-02-04-at-23-58-53

The more I think about web security, the more it reminds me birth control. Some of us blindly trust a protection of their choice, some think that nothing will happen anyway and use none and there are some of us, who choose to walk on the edge. Negative consequences of some of those decisions are AIDS, fertility treatments or teen mums.

I am quite a sceptic – if we cannot handle issues of our own bodies and health, then such abstract thing as web security has no chance to get our attention before something really bad happened.

6 thoughts on “#30DaysOfSecurityTesting – Task IV

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s