Penetration Testing mailing list archives
RE: Distributed Vulnerability Scanners
From: "Kohlenberg, Toby" <toby.kohlenberg () intel com>
Date: Thu, 6 Mar 2003 15:33:38 -0800
I've heard a couple people mention scanning services that offer appliances that you can bring in house, but do those actually run in a distributed fashion? For this case, here's the definition I'd use for distributed: from a single console, I am able to set up a scan across a block of IP addresses, those addresses are then automatically split up according to some rules (by subnet or whatever) and sent out to scanning systems that are responsible for scanning those groups of IPs. They run the scans and send the results back to the central server. The central server should also be able to push test updates down to the scanning systems. Maybe in an ideal world the scan jobs would have an approval path that would check with the owner of the network/environment about to be scanned before executing it. Or at least give them a day or two to object before running the scan. It's easy to set up a single box that is remotely managed and does all the scanning for an environment, but that doesn't work so well when some of your networks are at the other end of slow or expensive links. toby
-----Original Message----- From: Gideon Rasmussen, CISSP [mailto:gideon () infostruct net] Sent: Thursday, March 06, 2003 11:41 AM To: Greg Reber Cc: Talisker; pen-test () securityfocus com Subject: Re: Distributed Vulnerability Scanners In the past, I have used VIGILANTe SecureScan. They are a subscription based vulnerability assessment service. For an annual fee, you can execute scans as often as once per day. Their reports are quite detailed (i.e. whois lookups, findings, severity levels, w/corresponding advisories/fix actions). From what recall, they are based on ISS, Nmap, a few other hacking tools, and home grown scripts. In addition to their service, they offer software too. I'm probably not doing them justice, if you are interested, please refer to their site (http://www.vigilante.com). If you have any questions or comments, please do not hesitate to contact me. Thank you. Gideon Gideon Rasmussen, CISSP Celebration, FL gideon () infostruct net 321-939-1526 Greg Reber wrote:Andy - check out Qualys (www.Qualys.com ) and nCircle(www.ncircle.com)-greg The information in this email is likely confidential andmay be legallyprivileged. It is intended solely for the addressee. Accessto this email byanyone else is unauthorized. If you are not the intendedrecipient, anydisclosure, copying, distribution or any action taken oromitted to be takenin reliance on it, is prohibited and may be unlawful. -----Original Message----- From: Talisker [mailto:talisker () networkintrusion co uk] Sent: Wednesday, March 05, 2003 2:56 PM To: pen-test () securityfocus com Subject: Distributed Vulnerability Scanners Hi I'm looking for vulnerability scanners that will do theirbusiness remotely,especially useful for distributed networks with lowbandwidth or managedservices. I only know of 3: Lightning Proxy http://www.tenablesecurity.com/proxy.html Nessus http://www.nessus.org/features.html Retina http://www.eeye.com/html/Products/Retina/index.html Does anyone know of any more, I would suggest that thisexcludes web basedscanners like shieldsup etc as they don't resolve thebandwidth issue, wasthe problem with shieldsup (demonstrated at BlackHat Europe2001) everresolved whereby you could use it to scan anyone you wished?? Anyway the list when completed will appear here, thoughit's not on the sitenavigation yet. http://www.networkintrusion.co.uk/dist.htm Sorry about the amount of posts of late but I have been onvacation andtherefore have time to read my email. take care -andy Taliskers Network Security Tools http://www.networkintrusion.co.uk-------------------------------------------------------------- --------------Are your vulnerability scans producing just another report? Manage the entire remediation process with StillSecure VAM's Vulnerability Repair Workflow. Download a free 15-day trial: http://www2.stillsecure.com/download/sf_vuln_list.html-------------------------------------------------------------- --------------Are your vulnerability scans producing just another report? Manage the entire remediation process with StillSecure VAM's Vulnerability Repair Workflow. Download a free 15-day trial: http://www2.stillsecure.com/download/sf_vuln_list.html-------------------------------------------------------------- -------------- Are your vulnerability scans producing just another report? Manage the entire remediation process with StillSecure VAM's Vulnerability Repair Workflow. Download a free 15-day trial: http://www2.stillsecure.com/download/sf_vuln_list.html
---------------------------------------------------------------------------- Are your vulnerability scans producing just another report? Manage the entire remediation process with StillSecure VAM's Vulnerability Repair Workflow. Download a free 15-day trial: http://www2.stillsecure.com/download/sf_vuln_list.html
Current thread:
- RE: Distributed Vulnerability Scanners, (continued)
- RE: Distributed Vulnerability Scanners Greg Reber (Mar 06)
- Re: Distributed Vulnerability Scanners Gideon Rasmussen, CISSP (Mar 06)
- Re: Distributed Vulnerability Scanners Talisker (Mar 09)
- Re: Distributed Vulnerability Scanners Alex Zimin (Mar 06)
- Re: Distributed Vulnerability Scanners cdowns (Mar 07)
- Re: Distributed Vulnerability Scanners Michael Murray (Mar 09)
- RE: Distributed Vulnerability Scanners Erik Birkholz (Mar 06)
- RE: Distributed Vulnerability Scanners charl van der walt (Mar 06)
- Re: Distributed Vulnerability Scanners Peter Mercer (Mar 07)
- RE: Distributed Vulnerability Scanners charl van der walt (Mar 09)
- Re: Distributed Vulnerability Scanners Peter Mercer (Mar 07)
- RE: Distributed Vulnerability Scanners Kohlenberg, Toby (Mar 06)
- Re: Distributed Vulnerability Scanners Renaud Deraison (Mar 07)
- RE: Distributed Vulnerability Scanners Rapaille Max (Mar 07)
- Re: Distributed Vulnerability Scanners sacha . faust . bourque (Mar 07)
- Re: Distributed Vulnerability Scanners spectom (Mar 11)
- RE: Distributed Vulnerability Scanners Sunny Chowdhury (Mar 09)
- RE: Distributed Vulnerability Scanners Ken Smith (Mar 11)
- Re: Distributed Vulnerability Scanners Preston (Mar 11)
- RE: Distributed Vulnerability Scanners Greg Reber (Mar 06)