Penetration Testing mailing list archives
RE: MBSA scanner
From: "Ben Nagy" <ben () iagu net>
Date: Thu, 22 Apr 2004 09:36:48 +0200
I'm not going to marketing-spam anyone, but this point is very very wrong.

With respect to eEye, we [1] do not use nessus as our foundation scanner. In fact, this is true of most of the established players in the VA space. Lately, some commercial outfits have decided that "wrap a frontend around nessus and do something about the ugly reports" is a quick way to get a scanner to market. In the case of Tenable, this is entirely legit, of course. ;)

eEye do not use nmap either - although we do use the TCP signature database _from_ nmap for remote OS detection if we can't work it out some other way.

And so, to answer your (unspoken) question - the vendors (not just us) who have their own engine bring quite a lot to the table in many areas. You'll find that the various non-nessus engines perform quite differently to nessus and each other in terms of speed, accuracy and propensity to make network devices crash.

I'm not about to get drawn into arguments about the merits of the various engines, but not all engines are nessus, and engines are absolutely not created equal. Who'd want a scanner monoculture, anyway?

Cheers,

ben

[1] Oh yeah - disclaimer, I work for eEye.
-----Original Message-----
From: Robert Mehler [mailto:r_mehler () yahoo com]
Sent: Wednesday, April 21, 2004 5:36 PM
To: 'Swift Lad'; pen-test () securityfocus com
Cc: peterw () firstbase co uk; clarke-cummings () columbus rr com; e247net () hotmail com; me () chuckherrin com
Subject: RE: MBSA scanner

At the end of the day, all scanners are using Nessus and NMAP as their foundation scanner, so I can help but see the value the vendors bring to the table apart from advanced backend correlation and reporting tools.

I've heard tremendous things about eEYE from a performance standpoint as well as the fact that their chief hacking officer is quite on top of MS vulnerabilities.