Slashdot Mirror

← Back to Stories (view on slashdot.org)

Review of 12 Vulnerability Scanners

Posted by kdawson on from the poking-for-holes dept.

produke points us to a review of security vulnerability scanners. It's light on detail and not terribly well organized, but might provide a starting point for more research. From the article: "A few months back I did some intense testing of all the best vulnerability scanners out there... I had a couple nix boxes hooked up, as well as some dozers, and figured I could add clients to a 'once-a-week' scanning contract. So naturally, I wanted to use the scanner that was the best for my purpose... Better to use firewalk, hping3 (now with scripting!), nmap, etc., and leave these crutch-like tools alone."

10 of 55 comments (clear)

  1. Only 11 by nacturation · · Score: 4, Informative

    Am I missing something? If you RTFA it's only 11 scanners, conveniently listed as 1 through 11:

          1. ISS Internet Security Systems
          2. SSS Shadow Security Scanner
          3. Retina eEye
          4. Nessus
          5. GFI Languard Network Security Scanner
          6. Qualys www.qualys.com
          7. Nstealth Security Scanner www.nstalker.com
          8. Nikto
          9. Whisker
        10. Infiltrator infiltration-systems.com
        11. Nscan

    --
    Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
    1. Re:Only 11 by Timesprout · · Score: 5, Funny

      12 is actually a cloaked scanner for CIA/NSA uber secret scanning. Its there you just cant see it. Trust me.

      Also in the interests of national security forget you read this post.

      --
      Do not try to read the dupe, thats impossible. Instead, only try to realize the truth
      What truth?
      There is no dupe
  2. Wow by bdigit · · Score: 4, Insightful

    Holy shit. Did this really just make the front page. To summarize, the reviewer "really liked this one" oh and "this one was nice too". I think a third grader could write a better review then that steaming pile of shit. This is the epitome of blog spam.

    1. Re:Wow by Tihstae · · Score: 3, Funny

      I think a third grader could write a better review then that steaming pile of shit. I think a third grader knows the proper usage of the words then and than.
  3. Am I wrong? by flyneye · · Score: 2, Informative

    Am I wrong to think that vulnerability could be tested from the Backtrack Live cd?
    http://www.remote-exploit.org/index.php/BackTrack
    If I'm wrong I apologize,If not,well,it's a free download fulla' tools.
    maybe I'm missing something here,maybe not.

    --
    *Repent!Quit Your Job!Slack Off!The World Ends Tomorrow and You May Die!
  4. Re:Core Security by Anonymous Coward · · Score: 2, Informative

    Core's not a vulnerability scanner.

    Don't get me wrong, it's a great product, but Core Impact and Immunity's Canvas are in a class of their own (well, along with Metasploit of course). Different focus for the product, so an entirely different set of requirements you'd compare them against. They're built specifically for penetration testing. They don't just look for vulnerabilities, they actually try to exploit those vulnerabilities and use them to exploit other vulnerabilities.

    So if, for example, you were to compare the above three products with the 12 (11?) in the review, they'd look pathetic in terms of total number of exploit checks. That's a pretty important comparison for VA products, but not so much for pen-testing. For pen-testing, you want checks that you know you can actually use. For VA, you don't really care, you just want checks for things that someone might be able to use, even if you can't.

    Of course, for the attacks they do have pen-test products can do much more with them, but again, just a different focus for the products.

  5. Iv'e played with a few of these. by Victor+Fors · · Score: 4, Informative

    Granted, i don't consider myself to be in a proper position to write a review of them. However, a few points:

    * Most of these are completely outdated, and easily miss newer security holes. (maybe apart from CORE, which is a commercial and expensive scanner).
    * They are loud and noisy, and due to using well-known shellcode and attack patterns extremely prone to setting off IDS systems.
    * They are, in comparison to Nmap + version scan + personal archive of public exploits, very slow.

    Simply spidering public exploits off archive sites (milw0rm, packetstorm, etc...) and using custom shellcode (even without using tricks like polymorphism) would in my opinion result in much, much higher efficiency compared to using any of these programs.

  6. Strangely, he links to a proper review by bcmm · · Score: 4, Informative

    Here is the link, for those who don't want to give him any ad revenue.

    --
    # cat /dev/mem | strings | grep -i llama
    Damn, my RAM is full of llamas.
  7. Re:Core Security by ResidntGeek · · Score: 2, Funny
    That was a very insightful comment; thanks for chiming in!
    ...
    oh wise Anonymous one?
    Wow. Your sig is perfectly correct.
    --
    ResidntGeek
  8. Where do people find this crap? by madsheep · · Score: 2, Interesting

    I am baffled that someone even came across this article let alone posted it to Slashdot. This is probably one of the most juvenile reviews I have ever read. On top of that it's quite obvious it was written by a script kiddie. Who would actually do a [limited] review of security tools and talk about how they "can be tested for free, either through an evaluation or trial, or warez"?? This is by far one of the saddest reviews I have ever seen.

    I pray that no one out there even considers using this person for a "scanning contract". This person is much more likely to do harm than any good. As mentioned it also seems the person is missing quite a few obvious vulnerability scanners from their top 11 list. Perhaps this is because our reviewer wasn't 31337 enough to get a cracked or evaluation version for these products. Core Impact or Foundstone Foundscan would easily rank about most or all(?) of these on the list. I mean Nikto is #8 on the list. Sure it's a neat tool, but it's simply a limited web application scanner. Our reviewer here does not have a clue.

    Looks like 2007 is not off to a strong start! :(