>But I guess the best and most honest comparison is to scan some of your
>systems and show what vulnerabilities are missed by each scanner. I'd expect
>Nessus to do very well.
This is the idea. We run a very large variety of systems, and I would like to have a correlation so we can see where ISS is better and when nessus is better.
>As for migrating the tests, I think I'd tackle from first principles, and >ask why you have a complex ISS policy at all? You can go a long way with a >"try everything 'cos the black hats will" policy, perhaps in conjunction >with "all but DoS tests" for production systems.
We have a very heavy policy, and we want to make sure that no test falls through the cracks. There are a few (not many) tests that are available in ISS, but not in nessus. In addition, some of the Vaxes, and older machines on our network don't respond well to vulnerability scanning, and we want to see if nessus does better or worse on these tests.
>These are just my experiences with the two programs, but I would take Nessus over SiteProtector any day...
Don't get me wrong, we prefer nessus, and in fact use nessus for must of our really technical work. We wouldn't touch SiteProtector with a 10 foot poll.
Unfortunately I can't go into much more detail as to why we still use ISS, or much about how we have it integrated. I can say that we really want it out of our network.
Thanks again, David Sayre Los Alamos National Labs
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
