Security Basics mailing list archives
RE: LANguard vs Nessus
From: "Seth Connolly" <sethc () firstcash com>
Date: Thu, 8 May 2003 08:53:44 -0500
LANguard is great. I use it all of the time to find all kinds of info on the network. I've caught people with unauthorized open shares, p2p programs, trojans (open ports), spyware (it can list running processes (v3.x) and services), and more with this scanner. Version 3.x will find installed/missing patches in win2k (and allows you to push them) and has scan templates for different scans but this version costs money (little steep for smaller companies). Version 2.x is free and works well. Version 3.x has a 30 day trial period. I haven't tried nessus yet but I'm hoping to find the time to take a look at it. -----Original Message----- From: fengjie () pacific net sg [mailto:fengjie () pacific net sg] Sent: Wednesday, May 07, 2003 3:54 AM To: Magnus Påhlsson; security-basics () securityfocus com Subject: Re: LANguard vs Nessus I am evaluating LanGuard at this moment. Nessus I only heard of (many said it's VERY good) but never have hands on. However installation and configuration is still a hassle compared with LanGuard. You only need a workstation plus local administrator right to run LanGuard. It can scan a range of IP addresses and generate a XML file, which you can filter to generate various reports. It can deploy patches and I did try it. Quite stealthily, it works fine at the background. You can even choose NOT to reboot the machine after the patching so that the user can complete the process when logging on next morning. I compared the list of patches captured by LanGuard with the list generated by Microsoft Baseline Security Analyzer (MBSA). They are the same. How does LanGuard managed to do that, I noticed it downloaded a .cab file when LanGuard is started. Their technical support refer me to a link to read of: http://kbase.gfi.com/showarticle.asp?id=KBID001629. Their technical support is very helpful. Even for evaluation I have dozens of correspondants with their engineer over the phone and emails. And the price is close to none in a big organization. For US$695, you can scan unlimited number of IP addresses, from one installation. Since my objective is to find something which can satisfy our basic security needs, I have yet to explore more advanced features. My colleague once caught someone's machines with trojan running on it by using LanGuard. Maybe you can advice on how to benchmark a vulnerability scanner because I'm still very new in this field. Thanks Eric
From: Magnus Påhlsson <mfp () itn liu se> Date: Tue 06/05/2003 1:46 PM GMT+08:00 To: security-basics () securityfocus com Subject: LANguard vs Nessus Greetings. I've been using Nessus as network (in)security scanner for quite some time and I'm happy with everything it can do. I am however curious how LANguard compares to Nessus, what can LANg do that Nessus can't and vice versa? The obvious difference is that LANg can deploy patches and my question about that is; does it work and is it safe to use on 500+ computers? regards, Magnus --------------------------------------------------------------------------
-
FastTrain has your solution for a great CISSP Boot Camp. The industry's
most
recognized corporate security certification track, provides a
comprehensive
prospectus based upon the core principle concepts of security. This ALL
INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization
of pertinent security tools. For a limited time you can enter for a chance to win one of the latest technological innovations, the SEGWAY HT. Log onto http://www.securityfocus.com/FastTrain-security-basics --------------------------------------------------------------------------
--
--------------------------------------------------------------------------- FastTrain has your solution for a great CISSP Boot Camp. The industry's most recognized corporate security certification track, provides a comprehensive prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization of pertinent security tools. For a limited time you can enter for a chance to win one of the latest technological innovations, the SEGWAY HT. Log onto http://www.securityfocus.com/FastTrain-security-basics ---------------------------------------------------------------------------- --------------------------------------------------------------------------- FastTrain has your solution for a great CISSP Boot Camp. The industry's most recognized corporate security certification track, provides a comprehensive prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization of pertinent security tools. For a limited time you can enter for a chance to win one of the latest technological innovations, the SEGWAY HT. Log onto http://www.securityfocus.com/FastTrain-security-basics ----------------------------------------------------------------------------
Current thread:
- LANguard vs Nessus Magnus Påhlsson (May 06)
- Re: LANguard vs Nessus Patrick S. Harper (May 07)
- <Possible follow-ups>
- Re: LANguard vs Nessus fengjie (May 07)
- Re: LANguard vs Nessus Gene Yoo (May 08)
- RE: LANguard vs Nessus Seth Connolly (May 08)
- RE: LANguard vs Nessus Iain Balmer (May 07)