Обсуждение: PostgreSQL and NeXpose Rapid 7 Vulnerbility scanning software

Поиск
Список
Период
Сортировка

PostgreSQL and NeXpose Rapid 7 Vulnerbility scanning software

От
"Arnold, Sandra"
Дата:
Is anyone using NeXpose Rapid 7 to scan your PostgreSQL databases for vulnerbilities?  If so, what authentication are you using to allow it to connect to your database?  Or, how are you configuring the software to allow it to connect to the database?
 
Thanks,
 
Sandra Arnold
Sr. Database Administrator
DOE/OSTI
Oak Ridge, TN

Re: PostgreSQL and NeXpose Rapid 7 Vulnerbility scanning software

От
Marc Bevand
Дата:
Arnold, Sandra <ArnoldS <at> osti.gov> writes:
>
> Is anyone using
> NeXpose Rapid 7 to scan your PostgreSQL databases for vulnerbilities?  If
> so, what authentication are you using to allow it to connect to your
> database?  Or, how are you configuring the software to allow it to connect
> to the database?

Hi Sandra,

Although Nexpose scans for PostgreSQL databases and can discover weak
credentials, etc, it does not currently allow endusers to specify
credentials. This feature will likely soon be available.

PS: we are being off-topic here, please use the nexpose-users mailing list:
https://mail.metasploit.com/mailman/listinfo/nexpose-users

-mrb