Understand Apache web servers (runs on Unix only) & Apache Struts (can run in Windows & appliances) are different things:
Q1: Can the various VA scanners (like Nessus & McAfee Vulnerability Manager) detect the presence of Struts or you'll need to login to individual servers/ endpoints or have an agent running in them (like SCCM or MS Desktop Central) to check for the presence of Struts? Q2: Will DB encryption help stop Struts vulnerabilities eg, the recent one? Is the following true (someone told me): If hackers directly access the database (say using sql query tools/command to get sensitive data) on an encrypted DB, they would be stopped; if they hacked a user password or exploited a website (that had vulnerable Struts to the encrypted DB, it would be no help. It's kinda saying if my PC's HDD is encrypted (with a PBA password required), hackers can't access a powered down HDD but if the PC is powered up & logged in & there's a remote execution vulnerability to my OS, hackers can still get data out of my encrypted HDD via this remote execution vulnerability : is this a fair analogy? Sun
