RE: LANguard vs Nessus

["Seth Connolly" <sethc () firstcash com>]

LANguard is great.  I use it all of the time to find all kinds of info on
the network.  I've caught people with unauthorized open shares, p2p
programs, trojans (open ports), spyware (it can list running processes
(v3.x) and services), and more with this scanner.  Version 3.x will find
installed/missing patches in win2k (and allows you to push them) and has
scan templates for different scans but this version costs money (little
steep for smaller companies).  Version 2.x is free and works well.  Version
3.x has a 30 day trial period.  I haven't tried nessus yet but I'm hoping to
find the time to take a look at it.

-----Original Message-----
From: fengjie () pacific net sg [mailto:fengjie () pacific net sg]
Sent: Wednesday, May 07, 2003 3:54 AM
To: Magnus Påhlsson; security-basics () securityfocus com
Subject: Re: LANguard vs Nessus


I am evaluating LanGuard at this moment.
Nessus I only heard of (many said it's VERY good) but never have hands on.
However installation and configuration is still a hassle compared with
LanGuard.
You only need a workstation plus local administrator right to run LanGuard.
It can scan a range of IP addresses and generate a XML file, which you can
filter to generate various reports.
It can deploy patches and I did try it. Quite stealthily, it works fine at
the background. You can even choose NOT to reboot the machine after the
patching so that the user can complete the process when logging on next
morning.
I compared the list of patches captured by LanGuard with the list generated
by Microsoft Baseline Security Analyzer (MBSA). They are the same. How does
LanGuard managed to do that, I noticed it downloaded a .cab file when
LanGuard is started. Their technical support refer me to a link to read of:
http://kbase.gfi.com/showarticle.asp?id=KBID001629.
Their technical support is very helpful. Even for evaluation I have dozens
of correspondants with their engineer over the phone and emails.
And the price is close to none in a big organization. For US$695, you can
scan unlimited number of IP addresses, from one installation.
Since my objective is to find something which can satisfy our basic security
needs, I have yet to explore more advanced features. My colleague once
caught someone's machines with trojan running on it by using LanGuard.
Maybe you can advice on how to benchmark a vulnerability scanner because I'm
still very new in this field.

Thanks
Eric


> From: Magnus Påhlsson <mfp () itn liu se>
> Date: Tue 06/05/2003 1:46 PM GMT+08:00
> To: security-basics () securityfocus com
> Subject: LANguard vs Nessus
>
>
> Greetings.
>
> I've been using Nessus as network (in)security scanner for quite some
> time and I'm happy with everything it can do. I am however curious how
> LANguard compares to Nessus, what can LANg do that Nessus can't and vice
> versa? The obvious difference is that LANg can deploy patches and my
> question about that is; does it work and is it safe to use on 500+
> computers?
>
> regards,
> Magnus
>
>
>
> --------------------------------------------------------------------------
-
> FastTrain has your solution for a great CISSP Boot Camp. The industry's
most
> recognized corporate security certification track, provides a
comprehensive
> prospectus based upon the core principle concepts of security. This ALL
INCLUSIVE curriculum utilizes lectures, case studies and true hands-on
utilization
> of pertinent security tools. For a limited time you can enter for a chance
> to win one of the latest technological innovations, the SEGWAY HT.
> Log onto http://www.securityfocus.com/FastTrain-security-basics
> --------------------------------------------------------------------------
--
>


---------------------------------------------------------------------------
FastTrain has your solution for a great CISSP Boot Camp. The industry's most
recognized corporate security certification track, provides a comprehensive
prospectus based upon the core principle concepts of security. This ALL
INCLUSIVE curriculum utilizes lectures, case studies and true hands-on
utilization
of pertinent security tools. For a limited time you can enter for a chance
to win one of the latest technological innovations, the SEGWAY HT.
Log onto http://www.securityfocus.com/FastTrain-security-basics
----------------------------------------------------------------------------


---------------------------------------------------------------------------
FastTrain has your solution for a great CISSP Boot Camp. The industry's most 
recognized corporate security certification track, provides a comprehensive 
prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case 
studies and true hands-on utilization 
of pertinent security tools. For a limited time you can enter for a chance 
to win one of the latest technological innovations, the SEGWAY HT. 
Log onto http://www.securityfocus.com/FastTrain-security-basics 
----------------------------------------------------------------------------