Intrusion Detection Systems mailing list archives

Re: Re: Assessment tools/Scanners


From: gshipley () neohapsis com (Greg Shipley)
Date: Fri, 8 Oct 1999 12:39:16 -0500 (CDT)




On Fri, 8 Oct 1999 henry.escobar () mindspring com wrote:

I was surprised that I didn't see nmap in your list as well. It's a
great portscanner with almost every type of scan available for free at
http://www.insecure.org/nmap

Nmap is awesome, but it is NOT a vulnerability assessment tool in the same
manner the others are.  I can't point nmap at a machine and have it report
back "You are running IIS and the MDAC hole is still present."  nmap
doesn't have a back-end vulnerability DB.  It's great, but it doesn't have
that kind of functionality.

I use nmap almost every day, and you are right, that is what an intruder
would probably use.  BUT - it is a port scanner.  When you purchase
Cybercop Scanner, ISS, etc., you are paying for the scanner AND the
back-end DB.  It's the reporting and the specific vuln checks that you pay
for.

Of course, if you know all the problems on a per-port, per-service level
(some 700 known issues) then yeah - you could use nmap and do the work by
hand....
 

I've also found, and have fallen in love with, http://www.opensec.net
It has a lot of great links to free open source security tools.

Is it a port scanner, or...?  Cool - I'll check it out.

Just because you pay for it, doesn't necessarily mean it's better...
I also feel that you need to use the tools that will be used against you...

Agreed - but in this case, it's not an apples to apples comparison, no?

-G


