John Sawyer wrote: > The $1200 a year difference is probably quite significant for some people.
The Nessus home feed is free for home users. So, depends your budget and type/size of your organization. > Since most of these checks are a result of the Conficker Working Group, > I would suspect their mostly all the same minus some minor adjustments > for the idiosyncrasies of each tool. Agreed. Paul > > -jhs > > On Mar 30, 2009, at 12:29 PM, Paul Asadoorian wrote: > >> Not certain, but you could compare the NASL and the NSE to see. Nessus >> may just be easier for some if you don't have the SVN version of Nmap >> already installed in your environment. >> >> Cheers, >> Paul >> >> Albert R. Campa wrote: >>> interesting, so not having looked at this yet, whats the difference >>> between that and scanning with Nessus? >>> >>> >>> __________________________________ >>> Albert R. Campa >>> >>> >>> 2009/3/30 John Sawyer <[email protected] <mailto:[email protected]> >>> <mailto:[email protected]>> >>> >>> The Conficker check is in the latest SVN version of Nmap. It's in >>> the smb-check-vulns.nse which now checks for Conficker, MS08-067 and >>> a regsvc DoS. >>> >>> nmap --script smb-check-vulns.nse -p445 >>> >>> For safety's sake, you might want to also run it with >>> --script-args=unsafe=1 to prevent possible crashes from the regsvc >>> check. That should not turn off the conficker check. >>> >>> -jhs >>> >>> On Mar 30, 2009, at 11:10 AM, Chris Merkel wrote: >>> >>>> According to this: >>>> http://www.theregister.co.uk/2009/03/30/conficker_signature_discovery/ >>>> >>>> A script should be released today to scan for conficker-infected >>>> machines over the wire. >>>> >>>> I looked at the NSE portal and haven't seen anything yet - would it >>>> show up there, or is there a development site or repository where >>>> this >>>> will first appear? >>>> >>>> I'd like to get a scan in before April 1st, when variant C drops. >>>> >>>> -- >>>> - Chris Merkel >>>> _______________________________________________ >>>> Pauldotcom mailing list >>>> [email protected] >>>> <mailto:[email protected]> >>>> <mailto:[email protected]> >>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>> Main Web Site: http://pauldotcom.com <http://pauldotcom.com/> >>>> >>> >>> >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> <mailto:[email protected]> >>> <mailto:[email protected]> >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com <http://pauldotcom.com/> >>> >>> >>> >>> ------------------------------------------------------------------------ >>> >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] <mailto:[email protected]> >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >> >> -- >> Paul Asadoorian >> PaulDotCom Enterprises >> Web: http://pauldotcom.com >> Phone: 401.829.9552 >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] <mailto:[email protected]> >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > ------------------------------------------------------------------------ > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com -- Paul Asadoorian PaulDotCom Enterprises Web: http://pauldotcom.com Phone: 401.829.9552 _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
