| Hey! eEye! What's with the crap UI for target selection? single IPs, or | contiguous ranges only? After how many years? What about re-reading old | sessions, differences versus historical data and DB storage of findings? | What about parsing of TCPdumps, import/export of raw scan data? | What about | export / import of target lists? You seem a bit confused. Retina can have more than single IP's and contiguous ranges input into its interface, or from the command line. Some of the supported formats are: 192.168.*.* <-- asterisks 192.168.1.1-15 <-- dashes for ranges 192.168.1.1,2,222,6 <-- comas for group Then you can use spaces between each to cluster everything together and mix and match with something like, "192.168.*.* 192.100.1.4-7 192.200.1-200.1" And then all of this flexible IP selection can be dumped into a plain text file (hosts file) and loaded into Retina for scanning from the GUI or from command line. Oh and there is IP exclusion lists also incase there are any hosts you want to 100% make sure do not get scanned. As for your comments about "re-reading old sessions, differences versus historical data and DB storage" we have all of that and a whole lot more. Like an entire web based enterprise vulnerability management solution. Complete with data trending, a ticketing system - for tracking the remediation of vulnerabilities, and more marketing blurbs i wont bore you with here. You can read more here though http://www.eeye.com/html/Solutions/EnterpriseVA/index.html. | These may not all be fair questions - Retina seems, like | LANGuard, to be a | tool for assisting System and Network Administrators instead of a | Security | Professional's power tool. Retina is actually nothing like LANGuard. LANGuard is much more meant for networks that are perfect with administrator access everywhere to be able to remotely asses machines whereas Retina has audits that do not require administrator access and ones that do, both sides of that fence. If you have budget constraints though definitely check out LANGuard as its not bad for the money. | The combo of Ethereal/ettercap/Nessus/Nmap with tcpdump and Snort is not | matched by ISS or Retina or anybody. I'd rather have a Knoppix | CD-ROM in my | bag, than US $200K of any commercial tools. I agree, Retina is not a Snort/Ethereal/ettercap replacement, nor is Snort/Ethereal/ettercap a replacement for Retina. Nor did the apple I just eat taste like an orange. | Jeremiah Cornelius, CISSP, CCNA, MCSE | Information Security Technology | email: jcorneliat_private - mobile: 415.235.7689 As always, we are not perfect but we do strive to be the best, end story. So feedback like this is definitely always welcome because it is the only thing that will help us make Retina better. Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Retina - Network Security Scanner http://eEye.com/Iris - Network Traffic Analyzer http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Thu Aug 14 2003 - 12:02:29 PDT