[Snort-users] Security scanning software

Al Huger - Mail Account ah1 at ...35...
Sun Oct 15 11:24:13 EDT 2000


On Thu, 12 Oct 2000, Jerry Shenk wrote:

> What do people here use for security scanning - that is, testing your
> security setups to make sure you've got things covered?  I typically use
> nmap, nessus and to a lesser degree Saint.  How do they compare with ISS,
> CyberCop or other commercial apps?

All those open source tools together are probably comparable to either ISS
or CyberCop Scanner in terms of testing an IDS. If you are using it to
test individual signatures I would suggest sticking with Nessus or another
Open Source solution given that you have access to the code and can see
precisely what the check is doing, a luxury you do not have with
commercial scanners (except for CyberCop CASL modules). 

In terms of how they compare for use in auditing etc. that's a religous
issue. There was a thread on the securityfocus pen-test list but it
mostly dealt with their effectiveness in auditing, IMO both CCS and ISS
have up's and downs with neither being overall 'better'.






> 
> --------------------------------------------------------------
> Jerry A. Shenk - MCNE, GIAC certified intrusion analyst
> Sr. Systems Engineer - Computer Networking Services
> D&E Communications, Inc.
> jshenk at ...514... (also jas at ...129...)
> 1-877-433-8632 Fax via efax: (603) 250-1453
> my website: http://jerryslinux.dyndns.org/jas
> 
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> http://lists.sourceforge.net/mailman/listinfo/snort-users
> 




More information about the Snort-users mailing list