mmmm... Nessus didnt find TCP sequence prediction? err... Nessus dint find SSH old version?
Saint found SMTP on a hidden port that the others dint find? oh come on, all my Nessus scans find these.... I guess thats the problem with reviews, the reviewers never really have time to learn in depth how to use the tools to the greatest effect, so the results are usually biased towards the ones with the biggest buttons and easiest GUI.... IMHO.... Steve ----- Original Message ----- From: "Javier Fernandez-Sanguino" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, March 04, 2003 6:32 PM Subject: Nessus featured in InfoSecurity Magazine > Well, I just found out that the next release of InfoSecurity Magazine (I > don't have the paper version just yet) features a VA tools comparsion: > > http://www.infosecuritymag.com/2003/mar/cover.shtml > > It's unfortunate to see that there are wrong statements in the article > such as: (when talking of plugin updates) > "Nessus' vulnerability database is updated regularly, but you have to go > to the Web site." > > In any case, the best turn out to be Internet Scanner and Nessus. > > Hope is useful. Best regards > > Javi > > PS: There's also an interesting article on how to use the VA results to > tune an IDS (Sourcefire) BTW. >
