Thanks Brandon,
Yes, u r right. But not just for numbers in result, for example in the same
server target
>From OpenVAS found it:
Apache Tomcat Denial Of Service Vulnerability -June15 (Windows) (Critical)
Nessus:
MS14-066: Vulnerability in Schannel Could Allow Remote Code
Execution (2992611) (uncredentialed check) (Critical)
OpenVAS did not find Nessus and Nessus did not find OPenVAS vulnerability in
this case
Diego
Subject: Re: [Openvas-discuss] Nessus comparison
From: [email protected]
Date: Tue, 20 Oct 2015 21:04:37 -0500
CC: [email protected]
To: [email protected]
Reported vulnerability count is not a useful measurement for comparing two
vulnerability scanners.
One vulnerability scanner may report all missing patches, including ones that
are superseded by others in the same report, while another does not.
For instance, OpenVAS is far more useful to me than Nessus due to the
architecture of the scanner, and of course being open source is great. All the
patch scanners out there will help you begin regularly auditing and patching
your networks.
On Oct 20, 2015, at 8:51 PM, Diego Gomes <[email protected]> wrote:
Hi guys!
We have here Nessus Professional!
I identified some different results while comparing...
For example, I noticed that OpenVAS found more vuls than Nessus. (ok, not sure
if false-positive or mismatch plugin, configuration, etc...)
But, what I mean is....
Should be OpenVAS more efficient than Nessus? Should I trust in one and not in
other?
Of course, we always need to use 2 different tools for analysis, but my
questions is very interesting and I would like to check your opinions about it!
Thanks,
Diego
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
