RE: Questions: nmap, nessus unreliability, setting up a packet capture box, using Impacket

["Brass, Phil (ISS Atlanta)" <PBrass () iss net>]

> 1) How reliable have people here found nmap and nessus to be? I have 
> encountered (rare) cases of nmap not finding ports, and also 
> of nessus 
> not identifying ports during the find_service stage. We hear 
> a lot about 
> false positives, but it's much harder to notice false negatives. 
> Anything that can be done about this?

Assuming that it's not an actual bug in the scanning product, just run
the scan a few times.  Take the superset of all scan results.  Three or
four times should usually get to the point of diminishing returns as far
as finding new things, unless you've got poorly configured timeouts or
are using more bandwidth than is available...

Phil

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------