Slashdot Mirror


Review of 12 Vulnerability Scanners

produke points us to a review of security vulnerability scanners. It's light on detail and not terribly well organized, but might provide a starting point for more research. From the article: "A few months back I did some intense testing of all the best vulnerability scanners out there... I had a couple nix boxes hooked up, as well as some dozers, and figured I could add clients to a 'once-a-week' scanning contract. So naturally, I wanted to use the scanner that was the best for my purpose... Better to use firewalk, hping3 (now with scripting!), nmap, etc., and leave these crutch-like tools alone."

5 of 55 comments

  1. Only 11 by nacturation · · Score: 4, Informative

    Am I missing something? If you RTFA it's only 11 scanners, conveniently listed as 1 through 11:

          1. ISS Internet Security Systems
          2. SSS Shadow Security Scanner
          3. Retina eEye
          4. Nessus
          5. GFI Languard Network Security Scanner
          6. Qualys www.qualys.com
          7. Nstealth Security Scanner www.nstalker.com
          8. Nikto
          9. Whisker
        10. Infiltrator infiltration-systems.com
        11. Nscan

    --
    Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
    1. Re:Only 11 by Timesprout · · Score: 5, Funny

      12 is actually a cloaked scanner for CIA/NSA uber secret scanning. It's there, you just can't see it. Trust me.

      Also in the interests of national security forget you read this post.

      --
      Do not try to read the dupe, that's impossible. Instead, only try to realize the truth
      What truth?
      There is no dupe
  2. Wow by bdigit · · Score: 4, Insightful

    Holy shit. Did this really just make the front page? To summarize, the reviewer "really liked this one" oh and "this one was nice too". I think a third grader could write a better review than that steaming pile of shit. This is the epitome of blog spam.

  3. I've played with a few of these. by Victor+Fors · · Score: 4, Informative

    Granted, I don't consider myself to be in a proper position to write a review of them. However, a few points:

    * Most of these are completely outdated, and easily miss newer security holes. (maybe apart from CORE, which is a commercial and expensive scanner).
    * They are loud and noisy, and due to using well-known shellcode and attack patterns extremely prone to setting off IDS systems.
    * They are, in comparison to Nmap + version scan + personal archive of public exploits, very slow.

    Simply spidering public exploits off archive sites (milw0rm, packetstorm, etc...) and using custom shellcode (even without using tricks like polymorphism) would in my opinion result in much, much higher efficiency compared to using any of these programs.

  4. Strangely, he links to a proper review by bcmm · · Score: 4, Informative

    Here is the link, for those who don't want to give him any ad revenue.

    --
    # cat /dev/mem | strings | grep -i llama
    Damn, my RAM is full of llamas.