RE: MBSA scanner

From: Gibson, Eric (egibson_at_websense.com)
Date: 04/21/04

Next message: Ivan Arce: "Re: Bank Assessment"

Previous message: Jason Ostrom: "Testing WEP Key on pcap dump"
Maybe in reply to: e247net: "MBSA scanner"
Next in thread: Matt Wagenknecht: "Re: MBSA scanner"
Reply: Matt Wagenknecht: "Re: MBSA scanner"
Reply: Igor Filippov: "RE: MBSA scanner"
Reply: Shawn Edwards: "Re: MBSA scanner"
Reply: Jeremiah Cornelius: "RE: MBSA scanner"
Reply: ELLIS, STEVEN: "RE: MBSA scanner"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 21 Apr 2004 10:00:54 -0700
To: <pen-test@securityfocus.com>

We just finished a long comparative evaluation of Eeye, Foundstone,
Tenable, Nessus and ISS. After much consideration we concluded that
Foundstone fit our needs best, while still using Nessus for bulk scans.
We used to use ISS but switched because the product has not kept up with
others. Nessus is still a great scanner, and you cannot beat the price.

I am surprised that FoundStone has not come up in the recommendations so
far.

Eric Gibson

-----Original Message-----
From: Peter Wood [mailto:peterw@firstbase.co.uk]
Sent: Tuesday, April 20, 2004 7:00 AM
To: pen-test@securityfocus.com
Subject: [BULK] - RE: MBSA scanner

We have also moved our allegience to eEye Retina from ISS. It works very

well and is the best commercial scanner we've used. We also use Core
Impact
for real exploits, which is a great tool IMHO.

Pete

At 15:58 19/04/2004 -0500, Steve Goldsby $ICS$ wrote:
>We've moved all our business from ISS Scanner to Retina.
>
>Nessus is still the favorite for cost effictive, high coverage
scanning,
>but for a commercial product that seems to gain favor with enterprise
>clients, eEye is the way to go.
>
>
>Steve Goldsby
>www.networkarmor.com
>
>
>-----Original Message-----
>From: Nick Duda [mailto:nduda@VistaPrint.com]
>Sent: Monday, April 19, 2004 1:30 PM
>To: e247net; pen-test@securityfocus.com
>Subject: RE: MBSA scanner
>
>eEye Retina is great. Quick on the updates also.
>
>- Nick
>
>-----Original Message-----
>From: e247net [mailto:e247net@hotmail.com]
>Sent: Saturday, April 17, 2004 4:34 AM
>To: pen-test@securityfocus.com
>Subject: MBSA scanner
>
>Hi all
>
>Microsoft baseline scanner cannot work since all the default shares
are
>disable.
>Isn't this be the case for a secure LAN ? Anyway, plse suggest any
>alternatives open source tools for conducting vulnerability test in a
>LAN typical windows machines.
>Thanks
>
>I have on hand now using nessus, but would like to have another tool.
>
>Best Regards,
>
------------------------------------------------------------------------
--------------------------------------------------------

Peter Wood FBCS CITP MIMIS MIEEE
Chief of Operations
First Base Technologies
+44 (0)1273 454525
www.fbtechies.co.uk
www.white-hats.co.uk

------------------------------------------------------------------------
------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
any course! All of our class sizes are guaranteed to be 10 students or
less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of
in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
-------

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------

Next message: Ivan Arce: "Re: Bank Assessment"

Previous message: Jason Ostrom: "Testing WEP Key on pcap dump"
Maybe in reply to: e247net: "MBSA scanner"
Next in thread: Matt Wagenknecht: "Re: MBSA scanner"
Reply: Matt Wagenknecht: "Re: MBSA scanner"
Reply: Igor Filippov: "RE: MBSA scanner"
Reply: Shawn Edwards: "Re: MBSA scanner"
Reply: Jeremiah Cornelius: "RE: MBSA scanner"
Reply: ELLIS, STEVEN: "RE: MBSA scanner"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: MBSA scanner
... With respect to eEye, we do not use nessus as our foundation scanner. ... find that the various non-nessus engines perform quite differently to nessus ...
(Pen-Test)
RE: oracle VA/PT
... I find it strange that nessus didn't even see an open port on 1421. ... There is a commercial database security scanner out there. ... Up to 75% of cyber attacks are launched on shopping carts, ...
(Pen-Test)
Re: What is being a pen tester really like?
... Nessus is a vulnerability scanner and using it to ... conduct a test is called a vulnerability assessment. ... Security experts recommend that an annual penetration test be ... This is NOT something Nessus does, ...
(Pen-Test)
RE: Why eEye Retina (was MBSA scanner)
... so that continual scanning is not required using ISS, Nessus, Retina, etc? ... Why eEye Retina ... to facilitate one-on-one interaction with one of our expert instructors. ...
(Pen-Test)
RE: WIN 2K to *NIX Scanner
... If you want to try Nessus but don't currently have a unix box spare, ... WIN 2K to *NIX Scanner ... by default scan all ports. ... I have tried so far the LANguard tool is by far the best ...
(Security-Basics)