Re: PostgreSQL and NeXpose Rapid 7 Vulnerbility scanning software

From: Marc Bevand <m(dot)bevand(at)gmail(dot)com>
To: pgsql-general(at)postgresql(dot)org
Subject: Re: PostgreSQL and NeXpose Rapid 7 Vulnerbility scanning software
Date: 2010-06-03 19:11:01
Message-ID: loom.20100603T210159-765@post.gmane.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Arnold, Sandra <ArnoldS <at> osti.gov> writes:
>
> Is anyone using
> NeXpose Rapid 7 to scan your PostgreSQL databases for vulnerbilities?  If
> so, what authentication are you using to allow it to connect to your
> database?  Or, how are you configuring the software to allow it to connect
> to the database?

Hi Sandra,

Although Nexpose scans for PostgreSQL databases and can discover weak
credentials, etc, it does not currently allow endusers to specify
credentials. This feature will likely soon be available.

PS: we are being off-topic here, please use the nexpose-users mailing list:
https://mail.metasploit.com/mailman/listinfo/nexpose-users

-mrb

In response to

Browse pgsql-general by date

  From Date Subject
Next Message Merlin Moncure 2010-06-03 20:03:47 Re: pgbouncer
Previous Message Pavel Stehule 2010-06-03 19:03:18 Re: Removing CONTEXT from RAISE EXCEPTION messages from triggers