Re: SourceFire RNA

[Renaud Deraison <deraison () nessus org>]

On Tue, Dec 02, 2003 at 11:44:30AM -0500, Rob Shein wrote:
> I wouldn't say "reactive security practices don't work."  There's absolutely
> no way to cover all the bases in advance, and that's just how life is; you
> have to have a reactive capability to be secure.

Sorry, I was not clear - I actually meant reactive vulnerability management
practices don't work (ie: wait for an attack to occur, patch afterwards).

That is, if you have a 100% passive tool which is here to help you foresee 
possible vulnerabilities on your network it's not OK to say that you don't 
really care about mute hosts. This is why we advise the use of passive
scanners like NeVO or RNA to be used in conjunction with active probes. 


                                -- Renaud

---------------------------------------------------------------------------
---------------------------------------------------------------------------