Re: Vulnerability scanners

From: R. DuFresne (dufresne@sysinfo.com)
Date: 03/28/03

  • Next message: R. DuFresne: "Re: Vulnerability scanners"
    Date: Thu, 27 Mar 2003 18:01:42 -0500 (EST)
    From: "R. DuFresne" <dufresne@sysinfo.com>
    To: Chris Sharp <illectro2001@yahoo.com>
    
    

    On Thu, 27 Mar 2003, Chris Sharp wrote:

    >
    > > Does Qualys' claim to more
    > > vulnerability signatures and faster/easier updates
    > hold
    > > water?
    >
    > Well the front page of qualys.com claims that they
    > scan for 2531 vulnerabilities, that's twice what
    > Nessus (1378) or ISS (1218) claim.
    >
    > As for updates, it's all on their servers and
    > hardware, set it up once and forget abotu software
    > updates. Fire and forget. Not sure about the rate of
    > false positives, but my impression is that they're
    > cautious, only reporting False positives for dangerous
    > bugs.
    >
    > They don't do active tests, so they don't exploit
    > known bugs and crash servers during testing. A lot of
    > Nessus modules need to be launched manually and result
    > in the scanned machine needing a reboot - somewhat
    > inconvenient but it removes any doubt as to how
    > vulnerable you are.
    >

    Not totally, one of the recent Information Security issues tested nessus,
    iss, and a few other scanners. Not one came out with shining colors,
    though iss and nessus ranked first and second. but, it was what they
    could not do well and such that was the real meat of the article. The
    scan is only the beginning, a point of reference from which the real work
    begins in trying to ascertain how vulnerable one might be.

    Thanks,

    Ron DuFresne

    -- 
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
            admin & senior security consultant:  sysinfo.com
                            http://sysinfo.com
    "Cutting the space budget really restores my faith in humanity.  It
    eliminates dreams, goals, and ideals and lets us get straight to the
    business of hate, debauchery, and self-annihilation."
                    -- Johnny Hart
    testing, only testing, and damn good at it too!
    top spam and e-mail risk at the gateway.
    SurfControl E-mail Filter puts the brakes on spam & viruses
    and gives you the reports to prove it. See exactly how much
    junk never even makes it in the door. Free 30-day trial:
    http://www.surfcontrol.com/go/zsfptl1
    

  • Next message: R. DuFresne: "Re: Vulnerability scanners"

    Relevant Pages

    • RE: Vulnerability scanners
      ... You could always go with the limited budget solution - Nessus and "Almost ... use Nessus to complement the results from whatever commercial vulnerability ... SurfControl E-mail Filter puts the brakes on spam & viruses ...
      (Pen-Test)
    • Re: Penetration Testing Services
      ... Tools, like Nessus, are vulnerability-oriented. ... what you need to be aware of is not "only" vulnerabilities. ... penetration testing process is not limited to ... Basically, our company has an internal IT Security section, who has ...
      (Pen-Test)
    • Re: [Full-disclosure] Sending spam via sites and creating spam-botnets
      ... If your site will be DDoSed from Google's servers or you will receive spam ... than you will be knowing what type of botnets it is. ... Functionality vulnerabilities, it's also possible via Abuse of Functionality ...
      (Full-Disclosure)
    • RE: Top 10 vulnerabilities and open ports.
      ... Top 10 vulnerabilities and open ports. ... ports reports based on the results of the free security scans performed ... Reports are based on the results of tests performed using Nessus ...
      (Pen-Test)
    • Re: The Best Network Scanner?
      ... There are a couple of options that I use that are both cheap and effective. ... The first is Nessus which is free, but unfortunately *nix ... vulnerabilities. ...
      (Security-Basics)