Penetration Testing mailing list archives

RE: Why eEye Retina (was MBSA scanner)

From: Chris Hurley <churley () assureddecisions com>
Date: Wed, 21 Apr 2004 10:59:51 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have been very impressed with SAINT as well.  I tested SAINT 5, Internet
Scanner 7, Retina, NeWT, and Nessus about six months ago.

Nessus is great and is my personal favorite but the reports are not
commercial grade.  Of course, it's free so you can't complain.

On the commercial side, SAINT stacked up with or beat the other scanners
in most categories at a lower price.  Also, the SAINT support team is
fantastic.  We were just testing the product and asked about a feature
(Pause/Resume of scans) and they incorporated it into the next version and
got it out to us in a very short time.
I am trying to remember, but I think it was within three weeks.

Chris Hurley
Information Assurance Engineer
Assured Decisions, LLC
240-456-6791
churley () assureddecisions com

On Tue, 20 Apr 2004, Cam Beasley, ISO wrote:


Agreed..
Nothing beats the accuracy and speed of Nessus.
If you know how to customize .nasls it is even better.
If you need a commercial version for your
enviroment, consider TenableSecurity's offering:

http://www.tenablesecurity.com/

~cam.

Cam Beasley
Information Security Office
The University of Texas at Austin
cam () austin utexas edu

-----Original Message-----
From: clarke-cummings () columbus rr com
[mailto:clarke-cummings () columbus rr com]
Sent: Tuesday, April 20, 2004 09:37
To: pen-test () securityfocus com
Subject: Why eEye Retina (was MBSA scanner)

Hello Everyone,

We recently began evaluating eEye's Retina product for our
vulnerability assessment tool.  We have found the results to
be very inconsistent, showing us vulnerable to issues that
have been patched.  We've verified the patches manually, with
MBSA, HFNETCHK, and LanGuard.  eEye didn't have a good answer
as to why the results were so inconsistent.  Any guesses?

Also, how is their support response for those that are
customers?  As a trial customer they aren't a very impressive
organization.

Thanks in advance for the help.

Cheers,
Clarke

--------------------------------------------------------------------
mail2web - Check your email from the web at http://mail2web.com/ .

--------------------------------------------------------------
----------------
Ethical Hacking at the InfoSec Institute. Mention this ad and
get $545 off any course! All of our class sizes are
guaranteed to be 10 students or less to facilitate one-on-one
interaction with one of our expert instructors. Attend a
course taught by an expert instructor with years of
in-the-field pen testing experience in our state of the art
hacking lab. Master the skills of an Ethical Hacker to better
assess the security of your organization. Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
--------------------------------------------------------------
-----------------


------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAhoxp+ahhAnkKnqoRApCcAKCM39acQ/wGNeINxlZaMpQzrCM7DACfbG6s
d4azLzoaX29WbdiXgOGqvdY=
=NDE1
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------

Current thread:

Why eEye Retina (was MBSA scanner) clarke-cummings () columbus rr com (Apr 20)
- Re: Why eEye Retina (was MBSA scanner) Adam Tuliper (Apr 21)
- Re: Why eEye Retina (was MBSA scanner) Frederic Charpentier (Apr 21)
- RE: Why eEye Retina (was MBSA scanner) Román Ramírez (Apr 21)
- Re: Why eEye Retina (was MBSA scanner) Peter Wood (Apr 21)
  - RE: Why eEye Retina (was MBSA scanner) Steve (Apr 21)
    - RE: Why eEye Retina (was MBSA scanner) Bojan Zdrnja (Apr 22)
- Re: Why eEye Retina (was MBSA scanner) Shawn Edwards (Apr 21)
- Re: Why eEye Retina (was MBSA scanner) Bobby . Clarke (Apr 22)
- <Possible follow-ups>
- RE: Why eEye Retina (was MBSA scanner) Cam Beasley, ISO (Apr 21)
  - RE: Why eEye Retina (was MBSA scanner) Chris Hurley (Apr 21)
- RE: Why eEye Retina (was MBSA scanner) Lovrien, Scott (Apr 21)
  - Re: Why eEye Retina (was MBSA scanner) Renaud Deraison (Apr 22)
- RE: Why eEye Retina (was MBSA scanner) Mike Murray (Apr 22)
  - Re: Why eEye Retina (was MBSA scanner) Shawn Edwards (Apr 22)
  - RE: Why eEye Retina (was MBSA scanner) Robert E. Lee (Apr 22)
- RE: Why eEye Retina (was MBSA scanner) Peter Benson (Apr 22)
- RE: Why eEye Retina (was MBSA scanner) Doty, Stephen (BearingPoint) (Apr 22)
  - Re: Why eEye Retina (was MBSA scanner) Rainer Duffner (Apr 24)
- RE: Why eEye Retina (was MBSA scanner) Riley Hassell (Apr 22)
- Re: Why eEye Retina (was MBSA scanner) clarke-cummings () columbus rr com (Apr 23)

(Thread continues...)