<SNIP> > he said that he used Retina to check his system and that > it showed up as patched. <SNIP> eEye is good at vulnerabilities, and hardening etc. That said, Retina bases much of what it does on the deeply flawed Windows platform, and is subject to many of these inherited deficiencies. I have never been happy with Retina results, and I have tried. Nessus will always give more details - if you are skilled enough to drive well enough to lower false-positive counts. Hey! eEye! What's with the crap UI for target selection? single IPs, or contiguous ranges only? After how many years? What about re-reading old sessions, differences versus historical data and DB storage of findings? What about parsing of TCPdumps, import/export of raw scan data? What about export / import of target lists? These may not all be fair questions - Retina seems, like LANGuard, to be a tool for assisting System and Network Administrators instead of a Security Professional's power tool. The combo of Ethereal/ettercap/Nessus/Nmap with tcpdump and Snort is not matched by ISS or Retina or anybody. I'd rather have a Knoppix CD-ROM in my bag, than US $200K of any commercial tools. -- Jeremiah Cornelius, CISSP, CCNA, MCSE Information Security Technology email: jcorneliat_private - mobile: 415.235.7689 "What would be the use of immortality to a person who cannot use well a half hour?" --Ralph Waldo Emerson --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Wed Aug 13 2003 - 17:53:33 PDT