Re: Features of a vulnerability scanner

From: wirepair (wirepair@roguemail.net)
Date: Mon Dec 01 2003 - 14:12:51 EST


1. Accuracy. Personally I'd rather see a lot of false positives than the scanner missing potential issues. But needless to say,
they are a pain when you have a lot of them.
2. Good reporting. Although I love Nessus to death, some of the plugins' output has a lot of broken English and/or typos.
3. Up-To-Date. Nessus does this pretty well for me.
4. Clear Fix Recommendations. Once again Nessus does this well for me.
5. Quality Service Recognition. This is pretty important, for the pen-tester as well as the people being handed the final report.
Knowing what service is *actually* running on port 23952 is very helpful and saves time and possible human mistakes in
identification.

Wishlist: Exploit link. I'd love to see a scanner drop a list of known exploits for the issue :).
   
On Mon, 1 Dec 2003 11:26:38 +0100
  "Marc Ruef" <maru@scip.ch> wrote:
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Dear List
>
>I would like to ask you pen-testers two generic questions about vulnerability scanners:
>
>1. Which features for you are very important or is the most important in a vulnerability scanner software?
>2. Which features are you missing in the existing vulnerability scanner products?
>
>A vulnerability scanner in this context is a tool that looks automatically for potential security holes. There are, for example,
>Nessus, ISS Internet Scanner, Symantec NetRecon, GFI LanGuard, SATAN, SAINT, Vigilante, Dante Security Scanner, ... Port scanners
>and enumeration utilities like nmap, N-Stealth, Whisker or Nikto are not counted as vulnerability scanners here.
>
>Yours,
>
>Marc Ruef
>
>- --
>) scip AG (
>Technoparkstr. 1
>8005 Zürich
>T +41 1 445 18 18
>F +41 1 445 18 19
>
>maru@scip.ch
>www.scip.ch
>
>- - Pragmatisches Projektmanagement -
>
>-----BEGIN PGP SIGNATURE-----
>Version: PGP 8.0
>Comment: http://www.scip.ch
>
>iQA/AwUBP8sXXhe5hzJzqVMhEQLYZwCgpFHRj/ilv51PUAEFHWRqbuo+fHkAn24J
>z6YgR9JIPl1/Q6lcCfOw4zKr
>=RDZw
>-----END PGP SIGNATURE-----
