RE: Vulnerability scanners

From: Rob Shein (shotenat_private)
Date: Thu Mar 27 2003 - 12:34:05 PST

    I'd be astounded if it took that much money to administer Nessus.  I run
    Nessus, and it's so little trouble that I don't think I've spent 60 minutes
    administering/installing/maintaining it all year so far.  Every time I run
    it, I do the check for updates (and heck, you can set that as a cron job if
    you really want), and aside from that I've had no trouble with it
    whatsoever.  I cannot believe that Qualys has vulnerability signatures
    faster than Nessus, at least by any reasonable amount of time...I've seen
    NASL plugins out within hours of the vulnerability being made public.
    Easier updates than Nessus?  Um..."nessus-update-plugins"...wait about 20-90
    seconds...done!  What's so hard about that?  And I can write my own NASL
    plugins for Nessus if I so desire (and I have), which I cannot do with
    Qualys.  
    
    Finally, a company I worked for tested Qualys once, and they failed to find
    some of the more important problems with the NT box we stood up outside of
    our firewall.  This was years ago, and I'm sure things have improved (or so
    I hope) but it was still a powerful thing to see firsthand.  In the end, we
    went with Nessus, and never had a problem after that.
    
    > -----Original Message-----
    > From: Dan Lynch [mailto:dan.lynchat_private] 
    > Sent: Wednesday, March 26, 2003 6:47 PM
    > To: pen-testat_private
    > Subject: Vulnerability scanners
    > 
    > 
    > Greetings list,
    >  
    > Yesterday some reps from Qualys came with a sales 
    > presentation for their QualysGuard appliance. I'd like to 
    > solicit your comments and opinions on that product. In 
    > particular, do you think it's $45,000 per year better than 
    > Nessus? (That's about the cost we'd face based on our IP 
    > address range.) They claim it costs as much in administration 
    > to run Nessus. Does Qualys' claim to more vulnerability 
    > signatures and faster/easier updates hold water?
    >  
    > Any input you can offer is greatly appreciated.
    >  
    >  
    >  
    > Dan Lynch
    > Information Technology Analyst
    > County of Placer
    > Auburn, CA
    >  
    > 530/889-4222
    >  
    > 
    > Bureaucracy: the art of making the possible impossible.
    > 
    > 
    > top spam and e-mail risk at the gateway.
    > SurfControl E-mail Filter puts the brakes on spam & viruses
    > and gives you the reports to prove it. See exactly how much 
    > junk never even makes it in the door. Free 30-day trial: 
    http://www.surfcontrol.com/go/zsfptl1
    
    
    
    
    



    This archive was generated by hypermail 2b30 : Thu Mar 27 2003 - 12:50:16 PST