RE: Vuln Scanner

From: Evans, Arian (Arian.Evans@fishnetsecurity.com)
Date: Wed Nov 02 2005 - 13:12:57 EST

• Next message: Jack Lloyd: "Re: Insecure Hash Algorithms (MD5) and NTLMv2"
• Previous message: Jason Thompson: "Re: Blocking Port scans"
• Maybe in reply to: Michael Gargiullo: "Vuln Scanner"
• Next in thread: Marc Maiffret: "RE: Vuln Scanner"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

1. You mean "control" of the scan engine; that
distinction makes sense Andy.

2. I was thinking you meant "aggregation" of scan
data, in which case most any scanner out there can
be centrally aggregated by use of a SEM product.

<blurriness>
And then there are tools like eEye Retina that are
NOT distributed-control, but really "aggregated"
(unless they've recently changed Retina/REM). You
have to go to each distribution point to issue
commands, but have a central console to aggregate
*events* the scans produce.

So yes, it would be valuable to some break out who
does and who doesn't have a native console that
can *control* distributed installs.

That would require emailing a lot of vendors and
trying to sort out the technobafflegab between who
sells or partners with a SEM product and calls that
"centralized console for distributed scanning",
and who can actually control distributed installs.
</blurry>

3. Another one for your list is StillSecure VAM.

It's one of the many Nessus rip-offs, but has a slick
GUI and nice trending features, and they claim to
create new or rewrite the vuln tests for QA.

We looked at it a year or two ago, had a lot of
maturity but you couldn't get under the hood and
tune any of the nmap/nessus parameters. They may
have fixed this limitation by now...

Thanks for maintaining a great list.

-ae

> -----Original Message-----
> From: Talisker [mailto:lists@securitywizardry.com]
> Sent: Wednesday, November 02, 2005 11:37 AM
> To: Evans, Arian; pen-test@securityfocus.com
> Cc: lists@securitywizardry.com
> Subject: RE: Vuln Scanner
>
>
> Arlan
> Thanks for the feedback
> > scanners"; I don't understand the distinction as most commercial
> > vuln scanners today can be "distributed" but...):
> By distributed I mean that the management console will
> delegate scanning
> tasks to scanners around the network and report centrally. The former
> requirement is essential when you have an excessive number of
> scanners to
> manage.
>
> I will revisit the scanner category's if you still feel that
> the products
> should be merged.
>
> Andy Cuff
> Chief Technology Officer
> Computer Network Defence Ltd
> http://www.securitywizardry.com
>
> 07010 709014
>
>
> > -----Original Message-----
> > From: Evans, Arian [mailto:Arian.Evans@fishnetsecurity.com]
> > Sent: 01 November 2005 16:43
> > To: pen-test@securityfocus.com
> > Cc: lists@securitywizardry.com
> > Subject: RE: Vuln Scanner
> >
> > ::condensed resend::
> >
> > Talisker has a list of Scanners:
> >
> > http://www.networkintrusion.co.uk/N_scan.htm
> >
> > Others not on Talisker's list (some are under "distributed
> > scanners"; I don't understand the distinction as most commercial
> > vuln scanners today can be "distributed" but...):
> >
> > -Qualys Qualysguard
> > -McAfee Foundstone Enterprise
> > -nCircle IP360
> > -Maxpatrol
> > -NGS Typhon
> >
> > Typhon IME is fast and comparatively inexpensive, though
> > light on reporting, but may fit your cost needs.
> >
> > Another option is to explain to the client that if the
> > reason they want two scanners is really for validation
> > of the results, then you should look at an exploitation
> > tool instead of a second scanner:
> >
> > -Metasploit (free)
> > -CANVAS (inexpensive)
> > -Core Impact (varies)
> > -Visionael (no idea cost; appears to be taken from Nessus
> > code and rebuilt into a combo vuln-scanner/exploitation tool.
> >
> > There have been some free scanner projects that have come
> > and gone but I can't think of any that are still under
> > active development or have current vulnerability checks.
> >
> > Other mentions include Nstealth, Nikto, and Sandcat, which
> > IMO are all the same (http known-file scanners with some
> > primitive URI XSS/SQLi checks).
> >
> >
> > -ae
> >
> > > > -----Original Message-----
> > > > From: Lyal Collins [mailto:lyal.collins@key2it.com.au]
> > > > Sent: Saturday, October 29, 2005 1:27 AM
> > > > To: 'Michael Gargiullo'; pen-test@securityfocus.com
> > > > Subject: RE: Vuln Scanner
> > > >
> > > >
> > > > Hmm.
> > > > C rules out Newt!
> > > >
> > > > Nstealth looks Ok.
> > > > I've trialled SandCat, but found way too many false positives
> > > > (about 4 for
> > > > every actual issue).
> > > >
> > > > Nikto is helpful, but only works at the http layer.
> > > >
> > > > Lyal
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Michael Gargiullo [mailto:mgargiullo@pvtpt.com]
> > > > Sent: Saturday, 29 October 2005 4:43 AM
> > > > To: pen-test@securityfocus.com
> > > > Subject: Vuln Scanner
> > > >
> > > >
> > > > I have a client that states in his RFP that we run nessus,
> > > > and at least one
> > > > other vulnerability scanner to compare the output.
> > > >
> > > >
> > > >
> > > > Does anyone here know of an inexpensive vulnerability
> scanner, that:
> > > >
> > > >
> > > >
> > > > A) Is as effective as nessus.
> > > >
> > > > B) Doesn't cost nearly as much as say ISS or SAINT
> > > (free would be
> > > > good).
> > > >
> > > > C) Doesn't use nessus plugins (like x-scan).
> > > >
> > > >
> > > >
> > > > -Mike
> > > >
> > > >
> > > >
> > > >
> > > > --------------------------------------------------------------
> > > > --------------
> > > > --
> > > > Audit your website security with Acunetix Web Vulnerability
> > > Scanner:
> > > >
> > > > Hackers are concentrating their efforts on attacking
> > > > applications on your
> > > > website. Up to 75% of cyber attacks are launched on shopping
> > > > carts, forms,
> > > > login pages, dynamic content etc. Firewalls, SSL and
> > > > locked-down servers are
> > > >
> > > > futile against web application hacking. Check your website for
> > > > vulnerabilities
> > > > to SQL injection, Cross site scripting and other web attacks
> > > > before hackers
> > > > do!
> > > > Download Trial at:
> > > >
> > > > http://www.securityfocus.com/sponsor/pen-test_050831
> > > > --------------------------------------------------------------
> > > > --------------
> > > > ---
> > > >
> > > >
> > > >
> > > > --------------------------------------------------------------
> > > > ----------------
> > > > Audit your website security with Acunetix Web Vulnerability
> > > Scanner:
> > > >
> > > > Hackers are concentrating their efforts on attacking
> > > > applications on your
> > > > website. Up to 75% of cyber attacks are launched on shopping
> > > > carts, forms,
> > > > login pages, dynamic content etc. Firewalls, SSL and
> > > > locked-down servers are
> > > > futile against web application hacking. Check your website
> > > > for vulnerabilities
> > > > to SQL injection, Cross site scripting and other web attacks
> > > > before hackers do!
> > > > Download Trial at:
> > > >
> > > > http://www.securityfocus.com/sponsor/pen-test_050831
> > > > --------------------------------------------------------------
> > > > -----------------
> > > >
> > > >
> > >
> >
> >
> --------------------------------------------------------------
> ------------
> > ----
> > Audit your website security with Acunetix Web Vulnerability Scanner:
> >
> > Hackers are concentrating their efforts on attacking
> applications on your
> > website. Up to 75% of cyber attacks are launched on
> shopping carts, forms,
> > login pages, dynamic content etc. Firewalls, SSL and
> locked-down servers
> > are
> > futile against web application hacking. Check your website for
> > vulnerabilities
> > to SQL injection, Cross site scripting and other web attacks before
> > hackers do!
> > Download Trial at:
> >
> > http://www.securityfocus.com/sponsor/pen-test_050831
> >
> --------------------------------------------------------------
> ------------
> > -----
>
>

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Jack Lloyd: "Re: Insecure Hash Algorithms (MD5) and NTLMv2"
• Previous message: Jason Thompson: "Re: Blocking Port scans"
• Maybe in reply to: Michael Gargiullo: "Vuln Scanner"
• Next in thread: Marc Maiffret: "RE: Vuln Scanner"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:07 EDT