Re: Best vulnerability scanner
From: RickC (rcarlin1@NOSPAMattbi.com)Date: 03/30/02
- Next message: Mark Nenadov: "Re: port 80 scans"
- Previous message: ck26: "Re: A general question about ports"
- In reply to: Crazy Linux: "Best vulnerability scanner"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "RickC" <rcarlin1@NOSPAMattbi.com> Date: Sat, 30 Mar 2002 15:46:38 GMT
Crazy Linux <crazylinuxus@yahoo.com> wrote in message
news:adf2ee34.0203200641.c6c60d8@posting.google.com...
> Which one is the best vulnerability scanner available right now.
> Either commercial or free!
>
> TIA
I've used and tested a wide variety of vulnerability assesment scanners.
Picking a scanner depends on
what you plan on using it for, and your level of skill. One point that
comes to mind is that no matter
what scanner you pick, you'll need to take the time to learn the basics
about your target operating
systems, networking protocols and have some common sense.
Also, your choice of scanner might be based on budget, host operating system
and personal preference. Insuring that your scanner of choice can find the
vulnerabilities that might be found on your systems is nice too.
ISS Internet Scanner is what I use at work. It works well and makes nice
reports, but tends to have many
false positives per scan. My usual method is to verify events with freeware
scanners (port scanners, single vulnerability scanners, etc). I recently
installed Nessus on a Redhat box and have enjoyed using it very much. The
client software is a particulary nice feature. I have not, however, had a
chance to directly compare the two scanners, but I do plan
on doing that very soon.
Rick
- Next message: Mark Nenadov: "Re: port 80 scans"
- Previous message: ck26: "Re: A general question about ports"
- In reply to: Crazy Linux: "Best vulnerability scanner"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
