Comments on: Comprehensive Vulnerability Scanner http://blogsecurity.net/news/comprehensive-vulnerability-scanner Always something worth reading... Fri, 12 Mar 2010 11:09:45 +0000 http://wordpress.org/?v= hourly 1 By: Wordpress Themes http://blogsecurity.net/news/comprehensive-vulnerability-scanner/comment-page-1#comment-12370 Wordpress Themes Sun, 27 Jul 2008 23:19:03 +0000 http://blogsecurity.net/news/comprehensive-vulnerability-scanner/#comment-12370 great tools great tools

]]> By: BlogSecurity » Blog Archive » BlogSecurify Demo Video! http://blogsecurity.net/news/comprehensive-vulnerability-scanner/comment-page-1#comment-11575 BlogSecurity » Blog Archive » BlogSecurify Demo Video! Mon, 09 Jun 2008 09:46:25 +0000 http://blogsecurity.net/news/comprehensive-vulnerability-scanner/#comment-11575 [...] guys are going to love our new wp-scanner and blog security testing service! We’ll be adding loads more tests and support multiple blog types not just [...] [...] guys are going to love our new wp-scanner and blog security testing service! We’ll be adding loads more tests and support multiple blog types not just [...]

]]> By: Tim Linden http://blogsecurity.net/news/comprehensive-vulnerability-scanner/comment-page-1#comment-11445 Tim Linden Wed, 21 May 2008 13:47:29 +0000 http://blogsecurity.net/news/comprehensive-vulnerability-scanner/#comment-11445 I'd probably give it a try. You could even go the daily scanning route and bill monthly for it and make some cash from it. I’d probably give it a try. You could even go the daily scanning route and bill monthly for it and make some cash from it.

]]> By: .mario http://blogsecurity.net/news/comprehensive-vulnerability-scanner/comment-page-1#comment-11286 .mario Mon, 19 May 2008 07:36:49 +0000 http://blogsecurity.net/news/comprehensive-vulnerability-scanner/#comment-11286 @Michael: The last version is checking for a HTML comment inside the blog's markup to determine if it's allowed to be scanned or not. I think this is not a good idea - since a vulnerable blog's markup can be changed (XSS, SQLi etc.) to enable the scanner and search for more. Best method imho is to check for a specific file in the webroot - like in Google Analytics or the webmaster tools. @Michael:

The last version is checking for a HTML comment inside the blog’s markup to determine if it’s allowed to be scanned or not. I think this is not a good idea – since a vulnerable blog’s markup can be changed (XSS, SQLi etc.) to enable the scanner and search for more. Best method imho is to check for a specific file in the webroot – like in Google Analytics or the webmaster tools.

]]> By: Michael Clark http://blogsecurity.net/news/comprehensive-vulnerability-scanner/comment-page-1#comment-11258 Michael Clark Sun, 18 May 2008 15:29:14 +0000 http://blogsecurity.net/news/comprehensive-vulnerability-scanner/#comment-11258 Keep in mind that a service like this could easily be abused. I'd guess that most cheapie-hosters wouldn't want their clients probing their servers with a service like this. I guess that's one advantage of charging a fee, to weed out crackers. Keep in mind that a service like this could easily be abused. I’d guess that most cheapie-hosters wouldn’t want their clients probing their servers with a service like this. I guess that’s one advantage of charging a fee, to weed out crackers.

]]>