PaulDotCom mailing list archives
Re: openvas vs nessus
From: Ron Gula <rgula () tenable com>
Date: Tue, 14 Dec 2010 06:17:40 -0500
On 12/13/2010 6:17 PM, Robin Wood wrote:
> I was wondering if anyone used both OpenVas and Nessus while on tests and if so how do you find the results, do they tend to match, does one have more false positives/negatives than the other? I'm thinking for tests where stealth isn't an issue it might be nice to run both scanners but if they both detect the same issues then it isn't worth the effort.
When testing vulnerability scanners, it's important to realize there are very different segments of code that go into a scanner. Although OpenVAS is based on Nessus2, there have been many major changes in Nessus over the past few years you should consider.

For un-credentialed checks (scanning without admin rights) you should consider how fast the scan runs, the number of ports/hosts scanners and the overall false positive/negative rate.

For credentialed checks speed is also something you should consider. False positives are less of an issue with credential checks, but false negatives are a big issue. Lots of other scanners besides Nessus miss 3rd party apps like java, trend, iTunes, etc. and only focus on patches related to the OS.

Doing things like running netstat during a port-scan dramatically changes the speed of the scan as well. In general if you watch the amount of memory used by your scanner while it is scanning, you can get a sense of how well it will scan when testing 100s of hosts, 1000s of hosts, etc.

If you are doing PCI, FDCC, CIS or other types of audits, Tenable added config auditing to Nessus so you can report on these types of standards.

If folks have test results of Nessus and other scanners, I am always interested in how things performed.

--
Ron Gula, CEO
Tenable Network Security
http://www.tenable.com
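One way to answer the question in this thread with data, as an added example that is not part of either poster's message: normalize both scanners' exports to (host, port, vulnerability id) tuples and compare them against manually verified findings. The CSV layouts, addresses and CVE-style ids are constructed placeholders, not real Nessus or OpenVAS output.

```python
import csv
import io

# Constructed sample exports. The column layouts are assumptions, not the
# real Nessus or OpenVAS report formats.
SCANNER_A_CSV = """host,port,cve
10.0.0.5,443,CVE-0000-0001
10.0.0.5,22,CVE-0000-0002
10.0.0.9,8080,CVE-0000-0003
"""
SCANNER_B_CSV = """ip;service_port;vuln_id
10.0.0.5;443;cve-0000-0001
10.0.0.9;8080;CVE-0000-0003
10.0.0.9;3306;CVE-0000-0004
"""
# Findings confirmed by hand on the test network (constructed).
VERIFIED = {("10.0.0.5", 443, "CVE-0000-0001"),
            ("10.0.0.5", 22, "CVE-0000-0002"),
            ("10.0.0.9", 8080, "CVE-0000-0003")}


def load_findings(text, delimiter, host_col, port_col, id_col):
    """Normalize one export into a set of (host, port, vuln id) tuples."""
    rows = csv.DictReader(io.StringIO(text), delimiter=delimiter)
    return {(r[host_col].strip(), int(r[port_col]), r[id_col].strip().upper())
            for r in rows}


def compare(a, b, verified):
    """Overlap between two scanners plus each one's error counts."""
    def errors(found):
        return {"false_positives": len(found - verified),
                "false_negatives": len(verified - found)}
    union = a | b
    return {"both": sorted(a & b), "only_a": sorted(a - b),
            "only_b": sorted(b - a),
            "jaccard": len(a & b) / len(union) if union else 1.0,
            "a": errors(a), "b": errors(b),
            "missed_by_both": sorted(verified - union)}


def run_sample():
    a = load_findings(SCANNER_A_CSV, ",", "host", "port", "cve")
    b = load_findings(SCANNER_B_CSV, ";", "ip", "service_port", "vuln_id")
    return compare(a, b, VERIFIED)


if __name__ == "__main__":
    for key, value in run_sample().items():
        print(f"{key}: {value}")
```

A Jaccard score near 1.0 means the second scanner adds little; the `only_a` and `only_b` lists are the findings worth verifying by hand before counting them as true or false positives.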