Re: [fw-wiz] VA vs PT tool
From: Cat Okita (cat_at_reptiles.org)
To: Gregory Austin <firstname.lastname@example.org>
Date: Sun, 15 Jun 2003 13:19:42 -0400 (EDT)
On Fri, 13 Jun 2003, Gregory Austin wrote:
> Of course Ben's response also included what I think is an unjust shot
> at Nessus. In my experience *all* of the tools are capable of screwing up
> something on a production network, not just Nessus. Configured correctly
> Nessus is no worse than most and better than some. IMNSHO Nessus is the
> only product in this class that is worth as much or more than what you paid
> for it. I'm often in the position of testing with both Nessus and another
> (commercial) vulnerability assessment tool, and I've found that the biggest
> difference between them is fairly small--their results mostly overlap, with
> each one finding something useful the other didn't. Of course the other
> not so minor difference is the $20,000 gap between the two when it comes to
> testing a large environment. There are legitimate places to pick on Nessus
> (occasional instability and weak data manipulation/reporting are a couple
> that jump to mind) but I think suggesting it will burn down your network is
> a bit silly. I've used it on plenty of production networks, and many of my
> customers run it regularly on their production networks--with no unusual
> amount of pain and suffering.
I believe that you're missing the point. Correctly configured, most
products don't cause problems. Correctly configured is in the vast
minority (or most of us would be out of a job).

Nessus has been repeatedly documented to Do Bad Things (tm) on production
(and other) networks. Certainly other products -can- cause problems - but
an untweaked Nessus run -always- causes problems.
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet. This is the defining metaphor of my life right now."
firewall-wizards mailing list