Re: Cisco CTR

[Ron Gula <rgula () tenablesecurity com>]

I know RNA has not officially shipped yet, but from the web site,
it looks very similar to NeVO. It does similar OS fingerprinting,
traffic profiling, security vulnerabilities and so on.

The question I've not been able to get a good answer for is if
RNA looks for unique vulnerabilities, or if it using the operating
systems or application fingerprint to determine which vulnerabilities
are active.

Ron Gula
Tenable Network Security


At 09:41 PM 11/13/2003 -0500, Martin Roesch wrote:
> Vendor Alert: I work for Sourcefire.
>
> RNA is not a passive vulnerability scanner, vulnerability analysis is
> only a subset of what it can accomplish.  I've taken to calling RNA a
> passive network discovery system (PNDS) since that's a more accurate
> description of what it does.
>
> BTW, the demo that Joe saw was from a beta of RNA that we were running
> in-house, production versions should only be set to discover your
> internal network so you don't accidentally start mapping other people's
> networks with it.  We had our internal sensors tuned that way for
> testing of preproduction units only, we don't condone mapping other
> people's networks with RNA.
>
>      -Marty


---------------------------------------------------------------------------
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_focus-ids_031023 
and use priority code SF4.
---------------------------------------------------------------------------