Re: Vulnerability scanners

From: Chris Sharp (illectro2001@yahoo.com)
Date: 03/27/03

Date: Thu, 27 Mar 2003 14:05:55 -0800 (PST)
From: Chris Sharp <illectro2001@yahoo.com>
To: oherrera@prodigy.net.mx, dan.lynch@placer.ca.gov, pen-test@securityfocus.com
    
    

> Does Qualys' claim to more
> vulnerability signatures and faster/easier updates
> hold water?

Well the front page of qualys.com claims that they
scan for 2531 vulnerabilities, that's twice what
Nessus (1378) or ISS (1218) claim.

As for updates, it's all on their servers and
hardware, set it up once and forget about software
updates. Fire and forget. Not sure about the rate of
false positives, but my impression is that they're
cautious, only reporting false positives for dangerous
bugs.

They don't do active tests, so they don't exploit
known bugs and crash servers during testing. A lot of
Nessus modules need to be launched manually and result
in the scanned machine needing a reboot - somewhat
inconvenient but it removes any doubt as to how
vulnerable you are.


