In my experience in scanning (internal nd external), together with some
experience with consultants, I've learned that are several tools for
several tastes.
nmap is a very all-round tool.
superscan is nice for windows scanners.
iss is a good scanner, with lots of tunning and tweaking for the best of
results.
cyber cop is very strong in reporting (big issue after the dirty job ;)
).
nessus very good tool for *nix targets (dns, ftp, SNMP, mail, http)
retina is a nice loking and efective tool (good report also)
there are several good tools for testing cgi's and ecommerce software.
and in the end the securityfocus exploits compiled and tried against
several machines (jolt2 make windows 150% loaded, for instance...)
The ability of data gathering from both sides , the results from the
scanner and the messages from the target, that's where the gold is.
So, it's a hell of a job.
Hope it helped.
Rafael Teixeira
"Jarmon, Don R" wrote:
>
> http://www.nwc.com/1201/1201f1b1.html
>
> -----Original Message-----
> From: Al Saenz [mailto:[EMAIL PROTECTED]]
> Sent: Monday, February 12, 2001 1:48 PM
> To: [EMAIL PROTECTED]
> Subject: Network Scanning Recommendations
>
> Hello.
>
> I appreciate your advice.
>
> I have a network that I would like to be able to scan for weaknesses from
> the outside like from the internet.
> What products do you recommend to do such a task.
>
> I have been to www.iss.net and read a little bit about the Internet Scanner.
> Is this a good product. If you want to send me some links to some sites
> that have reviewed scanner type software that would be nice too.
>
> Thank you for your help
>
> al
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
--
"And you may ask yourself,
Well ... How did I get here?"
- Talking Heads
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
