On Tue, Mar 04, 2003 at 07:32:51PM +0100, Javier Fernandez-Sanguino wrote:
> Well, I just found out that the next release of InfoSecurity Magazine (I
> don't have the paper version just yet) features a VA tools comparsion:
>
> http://www.infosecuritymag.com/2003/mar/cover.shtml
Ok managed to contact Joel and we exchanged a few emails. Some of the
issues spotted in the article were valid, some were less (such as
nessus-update-plugins).
I think most of the problems come from the default configuration of
NessusWX -I'll work with Viktor on that one- and of Nessus 1.2.x (for
instance sid2localusers.nasl only enumerates users whose SID is between
1000 and 1020 by default, which is probably why the dormant windows
account have not been found). I commited some fixes regarding that.
I think that the bottom line is that Nessus would have performed much
better with non-default configuration options, but one could argue that
not everyone is knowledgeable enough to tweak everything.
I think this also hilighted some lack of documentation on Nessus.org,
and I'll create an HOWTO section. The subjects that come to my mind
are :
How to audit a Windows domain effectively
How to scan a firewalled host
How to update the Nessus plugins automatically
So I suggest we consider the case as being closed and work on
improvements.
-- Renaud
