Re: [fw-wiz] VA vs PT tool

From: Cat Okita (cat_at_reptiles.org)
Date: 06/15/03

    To: Gregory Austin <greg@austinconsulting.com>
    Date: Sun, 15 Jun 2003 13:19:42 -0400 (EDT)

    On Fri, 13 Jun 2003, Gregory Austin wrote:
    > Of course Ben's response also included what I think is an unjust shot
    > at Nessus. In my experience *all* of the tools are capable of screwing up
    > something on a production network, not just Nessus. Configured correctly
    > Nessus is no worse than most and better than some. IMNSHO Nessus is the
    > only product in this class that is worth as much or more than what you paid
    > for it. I'm often in the position of testing with both Nessus and another
    > (commercial) vulnerability assessment tool, and I've found that the biggest
    > difference between them is fairly small--their results mostly overlap, with
    > each one finding something useful the other didn't. Of course the other
    > not so minor difference is the $20,000 gap between the two when it comes to
    > testing a large environment. There are legitimate places to pick on Nessus
    > (occasional instability and weak data manipulation/reporting are a couple
    > that jump to mind) but I think suggesting it will burn down your network is
    > a bit silly. I've used it on plenty of production networks, and many of my
    > customers run it regularly on their production networks--with no unusual
    > amount of pain and suffering.

    I believe that you're missing the point. Correctly configured, most
    products don't cause problems. Correctly configured is in the vast
    minority (or most of us would be out of a job).

    Nessus has been repeatedly documented to Do Bad Things (tm) on production
    (and other) networks. Certainly other products -can- cause problems - but
    an untweaked Nessus run -always- causes problems.

    cheers!
    ==========================================================================
    "A cat spends her life conflicted between a deep, passionate and profound
    desire for fish and an equally deep, passionate and profound desire to
    avoid getting wet. This is the defining metaphor of my life right now."

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
