From: Michael Murray (mmurray@ncircle.com)
Date: Fri Mar 07 2003 - 14:30:27 EST
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Talisker,
As far as distributed vulnerability scanners go, I have to throw in a couple
of points. One person already mentioned nCircle (which is where I work):
we're a totally distributed solution (multiple lightweight appliance-based
scanners reporting to a central console that stores all the data for all of
the appliances). As well, I'd say that our vulnerability coverage and
accuracy is among the best out there. Of course, I may have a bit of a
bias... ;)
Note that I wouldn't put Nessus in the truly "distributed" model. In my
experience, though it uses a client-server model, it really doesn't have a
good way to control multiple scanner instances from a single point. (IIRC,
Tenable's solution is an attempt to put some sort of way to do that on top of
nessus). As well, I have heard that Foundstone's Foundscan product suffers
from a similar limitation, but I haven't validated that firsthand.
In all seriousness, and bias aside, due to the fact that you can truly
distribute scanners throughout the network (regardless of where your data
store and reporting interface is) I'd put nCircle's stuff at the top in
terms of true distributed scanning...
M
On Wednesday 05 March 2003 2:56 pm, Talisker wrote:
> Hi
> I'm looking for vulnerability scanners that will do their business
> remotely, especially useful for distributed networks with low bandwidth or
> managed services.
>
> I only know of 3:
> Lightning Proxy
> http://www.tenablesecurity.com/proxy.html
>
> Nessus
> http://www.nessus.org/features.html
>
> Retina
> http://www.eeye.com/html/Products/Retina/index.html
>
> Does anyone know of any more, I would suggest that this excludes web based
> scanners like shieldsup etc as they don't resolve the bandwidth issue, was
> the problem with shieldsup (demonstrated at BlackHat Europe 2001) ever
> resolved whereby you could use it to scan anyone you wished??
>
> Anyway the list when completed will appear here, though it's not on the
> site navigation yet.
> http://www.networkintrusion.co.uk/dist.htm
>
> Sorry about the amount of posts of late but I have been on vacation and
> therefore have time to read my email.
>
> take care
> -andy
> Taliskers Network Security Tools
> http://www.networkintrusion.co.uk
>
>
> ---------------------------------------------------------------------------
>-
>
> Are your vulnerability scans producing just another report?
> Manage the entire remediation process with StillSecure VAM's
> Vulnerability Repair Workflow.
> Download a free 15-day trial:
> http://www2.stillsecure.com/download/sf_vuln_list.html
- --
- -----------------------------------------------------
| Michael Murray, CISSP <mmurray@nCircle.com>
| Manager, Exposure Research and Ontology
| nCircle Network Security 415-625-5968
| cell - 415.297.3576
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE+aPNTUsC8b1YJAp8RAgyLAJoCshqoOK7FX3a1lI3/O6uUPHeB8ACffy77
rZQahtmORPk8PrIqIlibZdQ=
=dLn6
-----END PGP SIGNATURE-----
----------------------------------------------------------------------------
Are your vulnerability scans producing just another report?
Manage the entire remediation process with StillSecure VAM's
Vulnerability Repair Workflow.
Download a free 15-day trial:
http://www2.stillsecure.com/download/sf_vuln_list.html
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:30 EDT