I've got my Nessus license and am happy with that for the main scan. What I'm thinking of is running the free OpenVAS as a second scanner just to see if it picks up anything missed, and as a way to compare to quickly spot differences.

Robin

On 14 Dec 2010 14:56, "Ron Gula" <[email protected]> wrote:

On 12/13/2010 6:17 PM, Robin Wood wrote:
> I was wondering if anyone used both OpenVas and Nessus wh...

When testing vulnerability scanners, it's important to realize there are very different segments of code that go into a scanner. Although OpenVAS is based on Nessus2, there have been many major changes in Nessus over the past few years you should consider.

For un-credentialed checks (scanning without admin rights) you should consider how fast the scan runs, the number of ports/hosts scanned and the overall false positive/negative rate.

For credentialed checks, speed is also something you should consider. False positives are less of an issue with credentialed checks, but false negatives are a big issue. Lots of other scanners besides Nessus miss 3rd party apps like Java, Trend, iTunes, etc. and only focus on patches related to the OS. Doing things like running netstat during a port scan dramatically changes the speed of the scan as well.

In general, if you watch the amount of memory used by your scanner while it is scanning, you can get a sense of how well it will scan when testing 100s of hosts, 1000s of hosts, etc.

If you are doing PCI, FDCC, CIS or other types of audits, Tenable added config auditing to Nessus so you can report on these types of standards.

If folks have test results of Nessus and other scanners, I am always interested in how things performed.

--
Ron Gula, CEO
Tenable Network Security
http://www.tenable.com

_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
