RE: Nessus - open or closed source?

From: Jason Baeder (
Date: 11/09/05

  • Next message: ilaiy: "Re: network informations brought by cdp"
    Date: Wed, 9 Nov 2005 07:06:04 -0800 (PST)

    I have to wholeheartedly agree. I work for a major government
    contracting on site at a civilian agency (the government is composed of
    more than just DoD). One of the other teams here uses Nessus
    exclusively. Nobody objects to that. ISS Internet Scanner was already
    installed for my team when I arrived. We have also used Nessus as a
    check against ISS. In fact, there was a case when ISS identified
    something nasty. A detailed investigation of the system under question
    showed the alert was a false positive. But I couldn't understand why
    ISS would produce this false positive. A Nessus run against the same
    system came up with...nothing wrong. Moreover, I was able to look at
    the NASL code and see what Nessus was really looking for, and to
    reproduce that manually. Short of putting a sniffer in-line in front
    of ISS, I'll never know what ISS is looking for [as far as this one
    issue is concerned].

    I can make the same point with IDS: ISS and SNORT. But that point has
    been made many times before as well.


    --- "Miller, Joseph A" <> wrote:

    > Justin,
    > I'm breaking into this thread late in the game. In 'reality' it does
    > not
    > matter if it is trash or not. Because we all run as many tools as
    > possible. Does Nessus hit on something that ISS missed, yes
    > sometimes,
    > does ISS hit something that Nessus missed... Yes sometimes... Doing
    > due
    > diligence and using all the tools you can find to help in your quest
    > to
    > perform whatever task you may be performing with these tools, the
    > presence of the option to use it, and see if it helps is better than
    > nothing. Even one or two of this happening will make the case for
    > having
    > more than one assessment tool.

    Yahoo! FareChase: Search multiple travel sites in one click.

    Audit your website security with Acunetix Web Vulnerability Scanner:

    Hackers are concentrating their efforts on attacking applications on your
    website. Up to 75% of cyber attacks are launched on shopping carts, forms,
    login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
    futile against web application hacking. Check your website for vulnerabilities
    to SQL injection, Cross site scripting and other web attacks before hackers do!
    Download Trial at:

  • Next message: ilaiy: "Re: network informations brought by cdp"