lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: Pigrelax at yandex.ru (Alexander) Subject: Comparison of Network Security Scanners Hi! Certainly, this test is not independent. However, methodology of the tests is completely described, and everyone can check up them. I did not see any other similar tests comparing various vulnerability scanners. -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Gregory A. Gilliss Sent: Friday, July 02, 2004 12:46 AM To: full-disclosure@...ts.netsys.com Subject: Re: [Full-Disclosure] Comparison of Network Security Scanners On my *first* day at my current employer (a large network appliance vendor), we had a situation similar to this. One of these "independent evaluators" informed my employer that they were evaluating my employer's product, and that my employer had 24 hours to respond to their evaluation before they submitted their results. Basically these people were contracted by one of my employer's competitors to "evaluate" the competing products and publish the results. My employer's investigation revealed that these people obtained their equipment (with back level software) through a "gray market" vendor, and that their "tests" included such things as not configuring the hardware prior to testing. In summary, these "independent evaluators" appear to be nothing more than paid agent provocateurs who publish "results" designed to promote one specific product over the competition. BTW, I am not implying that *all* such testing organs are of this caliber, however caveat emptor. G On or about 2004.07.01 21:35:12 +0000, Anders B Jansson (hdw@...listi.se) said: > And to everyones surprise their own product came out on top! > > Wow, it has to be good, film at 11 > > // anders > > Alexander wrote: > >Hi all! > > > >Comparison of Network Security Scanners: > > > >http://www.maxpatrol.com/pd_cmp2.asp > > > >In this survey the following products were tested: > >1 IS - Internet Scanner 7.0 Internet Security Systems > >http://www.iss.net > >2 LG - LanGuard 3.2 GFI > >http://www.gfi.com > >3 Ns - Nessus 2.0.6 Renaud Deraison< > >http://www.nessus.org > >4 NR - NetRecon 3.6 Symantec > >http://www.symantec.com > >5 Rt - Retina 4.9.97 eEye Digital Security > >http://www.eeye.com > >6 MP - MaxPatrol 7.0 Positive Technologies > >http://www.maxpatrol.com > > > > > > > >_______________________________________________ > >Full-Disclosure - We believe in it. > >Charter: http://lists.netsys.com/full-disclosure-charter.html > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html -- Gregory A. Gilliss, CISSP E-mail: greg@...liss.com Computer Security WWW: http://www.gilliss.com/greg/ PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists