
Review of 12 Vulnerability Scanners

produke points us to a review of security vulnerability scanners. It's light on detail and not terribly well organized, but might provide a starting point for more research. From the article: "A few months back I did some intense testing of all the best vulnerability scanners out there... I had a couple nix boxes hooked up, as well as some dozers, and figured I could add clients to a 'once-a-week' scanning contract. So naturally, I wanted to use the scanner that was the best for my purpose... Better to use firewalk, hping3 (now with scripting!), nmap, etc., and leave these crutch-like tools alone."
  • Only 11 (Score:5, Informative)

    by nacturation ( 646836 ) <nacturation@gmai l . c om> on Sunday December 31, 2006 @03:09PM (#17417668) Journal
    Am I missing something? If you RTFA it's only 11 scanners, conveniently listed as 1 through 11:

          1. ISS Internet Security Systems
          2. SSS Shadow Security Scanner
          3. Retina eEye
          4. Nessus
          5. GFI Languard Network Security Scanner
          6. Qualys www.qualys.com
          7. Nstealth Security Scanner www.nstalker.com
          8. Nikto
          9. Whisker
        10. Infiltrator infiltration-systems.com
        11. Nscan
     
    • Re:Only 11 (Score:5, Funny)

      by Timesprout ( 579035 ) on Sunday December 31, 2006 @03:21PM (#17417738)
      12 is actually a cloaked scanner for CIA/NSA uber secret scanning. It's there, you just can't see it. Trust me.

      Also in the interests of national security forget you read this post.
    • I guess the poster codes in C and saw the last entry as 11
    • Guys, you missed Core Security; it's one of the most solid vulnerability assessment tools I've used in 2006. http://www.coresecurity.com/ [coresecurity.com] It's BY FAR one of the best-of-breed tools out there.
      • Re: (Score:2, Informative)

        by Anonymous Coward

        Core's not a vulnerability scanner.

        Don't get me wrong, it's a great product, but Core Impact [coresecurity.com] and Immunity's Canvas [immunityinc.com] are in a class of their own (well, along with Metasploit [metasploit.com] of course). Different focus for the product, so an entirely different set of requirements you'd compare them against. They're built specifically for penetration testing. They don't just look for vulnerabilities, they actually try to exploit those vulnerabilities and use them to exploit other vulnerabilities.

        So if, for example, you

        • by Heembo ( 916647 )
          That was a very insightful comment; thanks for chiming in! Canvas is decent, but you need to program in the exploits. In a Canvas vs. Core test, I'm preferential to core - but some of my old-school risk assessment friends swear by Canvas.

          Do you have any Canvas vs. Core thoughts, oh wise Anonymous one?
    • 12. Fnord

      That's your answer on what happened to it.
    • Re: (Score:1, Funny)

      by Anonymous Coward
      The twelfth scanner is you, the audience; without you we're nothing.
    • This one goes to 12.
  • "once a week scanning contract" - do they make core architectural changes that often? Damn, if you signed someone up for that level of cash, I take my hat off to you, man. If all you're doing is running nmap from your cable modem, your cost is nothing more than rent to your parents for use of the basement, and your charge to your mark^Wcustomer is pure profit.
    • by GigsVT ( 208848 )
      People pay for stupider things. Like "service monitoring"... GET /index.html... 200, yep you are ok. Please pay my invoice!
      • People pay for stupider things. Like "service monitoring"... GET /index.html... 200, yep you are ok. Please pay my invoice!

        Yeah. But the way I do it is to get a document that, in order for it to render, has to make database connections, deal with a web service, and report back the time it took to perform those tasks... and log the results in a table that is used to drive a performance history, going back months. And, of course, e-mail and text messaging to the folks who need to be pleasantly informed if som
    • > "once a week scanning contract" - do they make core architectural changes that often?

      Think of it this way - do they tell you when they make changes to their systems? Answer: of course not.

      So, either you scan monthly or quarterly - and leave vulnerabilities undetected, unreported and wide open to exploit for weeks or months. Or you scan much more frequently, and catch it when it happens.

      Just need a nice way to identify deltas so that they don't constantly have to wade through false positives.
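
The delta idea from the comment above, as an added example that is not part of the thread: compare this week's scan with last week's and report only what changed, minus findings already reviewed. The line layout follows nmap's grepable (`-oG`) output; the sample scans, the hosts and the `ACCEPTED` baseline are constructed for illustration.

```python
# Constructed sample scans in nmap's grepable (-oG) layout; documentation addresses.
LAST_WEEK = """\
Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///
Host: 192.0.2.20 ()\tPorts: 25/open/tcp//smtp///, 443/open/tcp//https///
"""
THIS_WEEK = """\
Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 3306/open/tcp//mysql///, 80/open/tcp//http///
Host: 192.0.2.20 ()\tPorts: 443/open/tcp//https///\tIgnored State: closed (998)
Host: 192.0.2.30 ()\tPorts: 23/open/tcp//telnet///, 8080/filtered/tcp//http-proxy///
"""

# Hypothetical baseline: findings already reviewed and accepted, so they are
# not reported again every week.
ACCEPTED = {("192.0.2.30", 23, "tcp")}


def parse_grepable(text):
    """Return {(host, port, proto): service} for every open port in -oG text."""
    found = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue  # skip comment lines and anything else
        cols = line.split("\t")
        host = cols[0].split()[1]
        for col in cols[1:]:
            if not col.startswith("Ports: "):
                continue  # e.g. the "Ignored State:" column
            for entry in col[len("Ports: "):].split(", "):
                # port/state/protocol/owner/service/rpcinfo/version/
                fields = entry.split("/")
                if len(fields) >= 5 and fields[1] == "open":
                    found[(host, int(fields[0]), fields[2])] = fields[4]
    return found


def scan_delta(previous, current, accepted=frozenset()):
    """Return (opened, closed): ports that appeared or disappeared between scans."""
    prev, cur = parse_grepable(previous), parse_grepable(current)
    opened = sorted(k for k in cur if k not in prev and k not in accepted)
    closed = sorted(k for k in prev if k not in cur)
    return opened, closed


if __name__ == "__main__":
    opened, closed = scan_delta(LAST_WEEK, THIS_WEEK, ACCEPTED)
    for host, port, proto in opened:
        print(f"NEW    {host} {port}/{proto}")
    for host, port, proto in closed:
        print(f"CLOSED {host} {port}/{proto}")
```
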
  • Therefore, it's perfect for SlashDot!
    • And short on ethics. We are advised one way to get a copy for testing is via warez. But we are also told not to use them for cracking so I guess it is okay.
  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Sunday December 31, 2006 @03:37PM (#17417840)
    Comment removed based on user account deletion
    • Re:Wow (Score:4, Funny)

      by Tihstae ( 86842 ) <Tihstae@gmail.com> on Sunday December 31, 2006 @03:43PM (#17417874) Homepage

      I think a third grader could write a better review then that steaming pile of shit.
      I think a third grader knows the proper usage of the words then and than.
    • Re: (Score:1, Insightful)

      by Anonymous Coward
      I normally don't take the time to write useless "I concur!"-type comments--especially under AC--but it must be said. I have never seen an "article" this poorly written linked on slashdot. This is not a review, it is the drug-distorted rambling of a nine-year-old.
    • by JPriest ( 547211 )
      You didn't read the disclaimer in the article summary? I think the Internet would be quite a bit safer if more companies took an automated vuln scanner to their gear once in a while.
    • You must be new here.
  • Am I wrong? (Score:2, Informative)

    by flyneye ( 84093 )
    Am I wrong to think that vulnerability could be tested from the Backtrack Live cd?
    http://www.remote-exploit.org/index.php/BackTrack [remote-exploit.org]
    If I'm wrong I apologize, if not, well, it's a free download fulla' tools.
    Maybe I'm missing something here, maybe not.

  • Have the stories here finally sunk as low as they can possibly go? Can it only go up from here? Let's hope so.

    'nix and 'dozers was bad enough, but then a splog with nothing of substance was just too much.
  • Yes but (Score:1, Troll)

    by Watson Ladd ( 955755 )
    can they perform cunnilingus on a hardwood floor?
  • by Victor Fors ( 987095 ) on Sunday December 31, 2006 @05:59PM (#17418588)
    Granted, I don't consider myself to be in a proper position to write a review of them. However, a few points:

    * Most of these are completely outdated, and easily miss newer security holes. (maybe apart from CORE, which is a commercial and expensive scanner).
    * They are loud and noisy, and due to using well-known shellcode and attack patterns extremely prone to setting off IDS systems.
    * They are, in comparison to Nmap + version scan + personal archive of public exploits, very slow.

    Simply spidering public exploits off archive sites (milw0rm, packetstorm, etc...) and using custom shellcode (even without using tricks like polymorphism) would in my opinion result in much, much higher efficiency compared to using any of these programs.
  • by bcmm ( 768152 ) on Sunday December 31, 2006 @06:50PM (#17418842)
    Here [networkcomputing.com] is the link, for those who don't want to give him any ad revenue.
  • I think I'll stick with the easy way... Knoppix STD and a very authentic looking janitor's uniform.
  • I am baffled that someone even came across this article let alone posted it to Slashdot. This is probably one of the most juvenile reviews I have ever read. On top of that it's quite obvious it was written by a script kiddie. Who would actually do a [limited] review of security tools and talk about how they "can be tested for free, either through an evaluation or trial, or warez"?? This is by far one of the saddest reviews I have ever seen.

    I pray that no one out there even considers using this person
