[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Anti-Hacker Tools of the trade.

To: Rubens Perdomo <[email protected]>
Subject: Re: [FW1] Anti-Hacker Tools of the trade.
From: Thomas Reinke <[email protected]>
Date: Thu, 12 Oct 2000 18:22:04 -0400
CC: "[email protected]" <[email protected]>
Organization: E-Soft Inc.
References: <[email protected]>
Sender: [email protected]

For what it's worth, "nessus" is absolutely a must have, for anyone
running over-the-network audits of other systems.  The paradigm I
use to describe it is the early open source web server one: Apache.
Started out less capable than other servers, but with open source
behind it, rapidly increased in value utnil today, it is not very
likely that anyone will ever beat it on capability (match it, yes,
but not beat it).

Nessus is a bit like that. It's early in its life cycle, so it's
not yet as good as some other commercial vulnerability scanners.
But, given that it is open source, I'd be really watching out
for this one:

  1) It's very stable now (I couldn't say that a year ago).
  2) It's open source - a number of contributors write test
     scripts.
  3) Scripts are current - vulnerabilities often have scripts
     available for them within several days of the vulnerability
     being announced.
  4) It has already a formidable array of tests (over 520)

Again, for what its worth, we do literally hundreds of security
audits every day through our security portal 
http://www.securityspace.com We've standardized on this tool, 
not because it's the best, but because we honestly feel that it 
WILL be the best in a year or two. (And, in all honesty, because 
the other guys want in excess of $10K/year for a license to use 
their tools without IP restriction, when this one is gratis).

So, what's bad about it?

Well,

  1) It's not yet as good as some other commercial scanners.
  2) You need to be comfortable compiling a bunch of stuff
     to get it up and running.
  3) Learning curve - can take you a day or two to get
     completely used to it, assuming you know Unix, etc.

I can't vouch for the client interfaces (it is a client
server architecture - clients request server to perform
scans, etc) since we built our own client to interface
to our existing auditing system using the published
client-server protocol.

No, I'm not affiliated with nessus (other than I really do
want it to succeed :))

Thomas

Rubens Perdomo wrote:
> 
> Since many of us are really interested in what other colleagues use to
> do audits and or ethical hacking, it would be nice if people can share
> their arsenal of network security tools (free and Commercial). Which
> tool do you use the most ? Which platform do you use ? ect. This would
> help many (including myself) of us to evaluate and use these tools to
> secure our network assets.
> 
> Just a thought.
> 
> Best Regards,
> RP

-- 
------------------------------------------------------------
Thomas Reinke                            Tel:Director of Technology                   Fax:E-Soft Inc.                         http://www.e-softinc.com
Publishers of SecuritySpace     http://www.securityspace.com

================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] Anti-Hacker Tools of the trade.
  - From: "Rubens Perdomo" <[email protected]>

Prev by Date: RE: [FW1] RE:
Next by Date: RE: [FW1] Ping of Death
Prev by thread: [FW1] Anti-Hacker Tools of the trade.
Next by thread: RE: [FW1] Anti-Hacker Tools of the trade.
Index(es):
- Date
- Thread