Results 1 to 4 of 4

Thread: Scanner for them, scanner for us.

  1. #1

    Scanner for them, scanner for us.

    Quick hit I hope here.

    Our auditing department uses ISS and NESSUS to scan our network. The company supports us using ISS to scan but not NESSUS. So a few things me'ah:

    1. Is NESSUS a better scanner overall than ISS or should be used as a 2nd opinion scanner?
    2. What about SNORT? Is it comparable to ISS/NESSUS? Is SNORT betta?
    3. Is there just a host scanner to have a server scan and report on itself (or just use ISS/NESSUS)?
    4. I see that nmap is supposed to be a part of NESSUS as well, has anyone seen big issues with using nmap? Either alone or as part of NESSUS?

    Ok, maybe not such a quick hit, but I figure we have some pretty big brains out there...


    Thanks in advance!
    \"Quis custodiet ipsos custodes?\"
    -Juvenal

  2. #2
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    1) No its not; however, it is also free and it is also very good and usually has new checks before ISS does. If you have a small network, Nessus is more than capable. If you have a large network, ISS is much faster and generally has better reporting features. I recommend using both, nessus has its strengths as does ISS, and most of the time will catch different things that the other may miss. You should pay special attention to the attacks used by nessus however since they are supplied by the public at large.

    2) Snort is an IDS product, not a scanner.

    3) I don't understand the question.

    4) Nmap is an extremely powerful scanner; however, it is a network/port/OS Detection scanner, not a vulnerability scanner. Nessus uses Nmap to indentify live machines and the services running on them (and sometimes OS), whereas ISS has their own engine.

    They are both good, if you can afford ISS, then keep it and run both. If money is tight, nessus is a good product.

    /nebulus
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  3. #3
    Senior Member
    Join Date
    Jan 2003
    Posts
    686
    I think I might understand Question 3, correct me if I'm wrong. But are you trying to ask if there is a server side app that you can use that will run a scan on itself and make logs and such and report back if there are any "problems". IE any holes or whatnot in the structure?
    [shadow]There is no right and wrong, only fun and boring...
    Formatting my server because someone hacked into it sounds pretty boring to me...
    That\'s why it\'s all about AntiOnline.com!
    [/shadow]

  4. #4
    I think I might understand Question 3, correct me if I'm wrong. But are you trying to ask if there is a server side app that you can use that will run a scan on itself and make logs and such and report back if there are any "problems". IE any holes or whatnot in the structure?
    Correct. Sorry about the phrasing. And I was misinformed on Snort, thanks for the correction. Thanks for the comments so far - good advice!
    \"Quis custodiet ipsos custodes?\"
    -Juvenal

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •