Re: Why eEye Retina (was MBSA scanner)
From: Frederic Charpentier (fcharpentier_at_xmcopartners.com)
Date: 04/20/04
- Previous message: Blake Wiedman: "RE: Bank Assessment"
- In reply to: clarke-cummings_at_columbus.rr.com: "Why eEye Retina (was MBSA scanner)"
- Next in thread: Cam Beasley, ISO: "RE: Why eEye Retina (was MBSA scanner)"
Date: Tue, 20 Apr 2004 18:24:14 +0200
To: pen-test@securityfocus.com
Because the purpose of these scanners (Retina, Shadow, LANguard,
Nessus, ISS...) is to find vulnerabilities.
The customer pays to find vulns and they are happy to find a lot.
For a customer, a good scanner finds a lot of vulns.
That's it.
The only reliable way to check for a vuln is to test the machine with
the real exploit or to look at the program release (dll version or rpm -qa)!
Example: knowing that a web server is apache1.3.26 doesn't
mean that this server is vulnerable to the apache_chunked exploit. It
could be patched or running under another OS...
Fred
clarke-cummings@columbus.rr.com wrote:
> Hello Everyone,
>
> We recently began evaluating eEye's Retina product for our vulnerability
> assessment tool. We have found the results to be very inconsistent,
> showing us vulnerable to issues that have been patched. We've verified the
> patches manually, with MBSA, HFNETCHK, and LanGuard. eEye didn't have a
> good answer as to why the results were so inconsistent. Any guesses?
>
> Also, how is their support response for those that are customers? As a
> trial customer they aren't a very impressive organization.
>
> Thanks in advance for the help.
>
> Cheers,
> Clarke
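Added example, not part of the original post or of any scanner product: a small Python triage that reconciles banner-based findings with the installed package release and the host OS, the check the reply above describes. The host names, the check id, the OS labels and the release numbers are constructed placeholders, and the version ordering is a simplified stand-in for rpm's own comparison.

```python
import re

# Constructed advisory data: the check id and release numbers are placeholders,
# not real vendor values. Maps OS -> first package release containing the fix.
ADVISORIES = {
    "EXAMPLE-CHUNKED": {"package": "apache",
                        "fixed_in": {"linux-rpm": "1.3.26-3"}},
}

# Constructed inventory, as collected on each host (e.g. from `rpm -qa`).
INVENTORY = {
    "web1": {"os": "linux-rpm", "packages": {"apache": "1.3.26-4"}},
    "web2": {"os": "linux-rpm", "packages": {"apache": "1.3.26-1"}},
    "web3": {"os": "other-os", "packages": {"apache": "1.3.26"}},
}

# Constructed scanner output: every host answers with the same banner.
FINDINGS = [{"host": h, "check": "EXAMPLE-CHUNKED", "banner": "Apache/1.3.26"}
            for h in ("web1", "web2", "web3", "web4")]


def release_key(release):
    """Simplified ordering key for 'version-release' strings (not full rpmvercmp)."""
    return [(1, int(t)) if t.isdigit() else (0, t)
            for t in re.findall(r"\d+|[A-Za-z]+", release)]


def triage(finding, inventory=INVENTORY, advisories=ADVISORIES):
    """Classify one banner-based finding using the installed package release."""
    adv = advisories[finding["check"]]
    host = inventory.get(finding["host"])
    if host is None:
        return "unverified"            # banner only, no release data collected
    fixed = adv["fixed_in"].get(host["os"])
    if fixed is None:
        return "not-applicable-os"     # assumption: advisory lists every affected OS
    installed = host["packages"].get(adv["package"])
    if installed is None:
        return "unverified"            # package not found in the inventory
    if release_key(installed) >= release_key(fixed):
        return "patched"               # scanner false positive: fix is installed
    return "confirmed"                 # release predates the fix


if __name__ == "__main__":
    for f in FINDINGS:
        print(f["host"], f["banner"], "->", triage(f))
```

All four hosts present the same banner, yet only one finding is confirmed by its package release; the host with no inventory stays unverified rather than being counted either way.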